Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

How Do I?

Make a new post

  • Whatsapp and twitter MITM

    Dears, Can anyone please assist why cant i intercept Whatsapp or twitter packets from mobile device even after installing the burp certificate and unpinned the app.

    2 Agent Answers    1 Community Answer
    Jul 20, 2017 09:30AM UTC
  • Is that possible to create a Docker image of Burp Pro?

    I am trying to create a docker image of Burp suite, two challenges showed up: 1. How to get a Burp Pro version and load the license in it without UI interaction? 2. I have some my own extensions as Jar files, how can I load the extensions without UI interaction? Thanks! Kai

    3 Agent Answers    3 Community Answers
    Jul 18, 2017 06:43PM UTC
  • Burp Collaborator Health Check & SSL

    Hello, I have deployed a private Collaborator on my internal network, and I am attempting to get SSL to work. We have an internal CA that I have used to issue a wildcard cert. When I run the health check I still get a warning for the 'server https connection (trust enforced)' and 'server smtps connection (trust enforced). The accompanying message for that warning is: An SSL er...

    2 Agent Answers    1 Community Answer
    Jul 17, 2017 10:22PM UTC
  • Burp spider/scan - endless requests due application design

    Hi, I was wondering if anyone has some tips for spidering/scanning web application that uses URI to create searches and define options for downloads. For example: https://application.com/archive/june/05/batch/all/3/25/1 After the /archive/ there are lots of different options for searches/downloads that use the URI. Now when i spider or scan application like this, there will be "...

    1 Agent Answer    1 Community Answer
    Jul 17, 2017 07:51AM UTC
  • How do I reuse or restrict burp's source ports

    I'am using intruder configured with 50 threads. It seems that on each request burp uses new source port. The gateway router NATs every request on a separate port. Each 16300 requests intruders requests are dropped for couple of minutes. It seems that the router doesn't provide new ports. During the drops the router probably waits to timeout all the allocated ports which have been used on...

    1 Agent Answer    0 Community Answer
    Jul 16, 2017 06:06PM UTC
  • Match and replace

    Hello. How do I write a newline character in the Replace field, in "Match and Replace"? Which kind of notation is used? Is there any list of examples? Thanks in advance.

    3 Agent Answers    3 Community Answers
    Jul 13, 2017 02:32AM UTC
  • Installing Burp Suite SSL cert Firefox-Linux

    I have selected Manual proxy configuration in Firefox and turned the Intercept on in burp suite. When I visit a site I get the "Secure connection failed" error, so I am now trying to install Burp's SSL certificate. But when I go to http://burp I get "404 not found - nginx/1.4.6(ubuntu)"

    1 Agent Answer    0 Community Answer
    Jul 12, 2017 02:36AM UTC
  • How to resolve error code sec_error_unknown_issuer

    How to resolve error code sec_error_unknown_issuer? Why this error occured ? I am using mozilla as well as chrome. Its not working on any of those.

    1 Agent Answer    0 Community Answer
    Jul 10, 2017 06:17AM UTC
  • Macro changing all parameters, despite Session Handling Settings

    Hi There, I setup a Macro to capture a CSRF token and that piece in and of itself is working wonderfully. The problem is that the Macro changes all of my macro values to the default values saved from when the macro was recorded. This doesn't matter if I have the macro settings set to preset or from the previous response. Nor does it matter if I have set Burp to only change a specific ...

    1 Agent Answer    0 Community Answer
    Jul 07, 2017 11:44PM UTC
  • Burp Collaborator DNS Configuration

    Hi, I'm currently experiencing issues configuring DNS settings on a Burp Collaborator server I have deployed on a cloud instance. The server is within a sub-domain of my companies domain. Within the documentation it mentions that you have to configure your domain so that DNS for the domain is delegated to your collaborator server. Little confused about this. Does anyone have a solid founda...

    1 Agent Answer    0 Community Answer
    Jul 07, 2017 06:50PM UTC