Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

How Do I?

Make a new post

  • Configuration proxy with proxy

    Hi, I have problem - i would like to perform penetration testing but service that i need to test requires proxy so i would like to know if i can setup burp to forward request to proxy? Artur

    1 Agent Answer    0 Community Answer
    Dec 22, 2017 01:25PM UTC
  • Stop other domain in Proxy inrterceptor?

    Proxy intercetor keep intercepting other domains in the browser, but i dont want that, i want it to intercept only all requests of www.abc.com only not other websites, how to do this

    1 Agent Answer    0 Community Answer
    Dec 20, 2017 10:54AM UTC
  • Authentication in Meteor WebApp

    Hello, I have a Meteor based web application that uses Meteor's `accounts-ui` and `accounts-password` packages for login/authentication handling. I've been following this tutorial to get the point-and-click scanner functionality running but with no luck: https://portswigger.net/burp/help/scanner_pointandclick in getting a successful login. Specifically, I have attempted to use both ...

    1 Agent Answer    0 Community Answer
    Dec 20, 2017 05:41AM UTC
  • Active Scanning

    While Scanning I want to change a particular parameter value since it gives error if the value is duplicate. How do I change the value while scanning the request?

    1 Agent Answer    0 Community Answer
    Dec 20, 2017 05:12AM UTC
  • Remove unnecessary data from the project

    Hi, is there a way to wipe all the out-of-scope data and the data of certain Burp tools (especially Spider) from a project without saving a project as a new file and then deleting the initial one?

    2 Agent Answers    1 Community Answer
    Dec 19, 2017 09:26AM UTC
  • Expression Language Injection Syntax

    I'm trying to improve my understanding of expression language (EL) injections. The following injections were created by Burp Scanner: ${@java.lang.Thread@sleep(500)} ${"aaaaaaaaaaaaaaaa".toString().replace("a","b")} Why are the at signs "@" needed to reference java classes and then their methods? I can't find anything online that referen...

    3 Agent Answers    1 Community Answer
    Dec 18, 2017 06:37PM UTC
  • CSRF attacks disrupting testing flow

    I am having trouble using Burp with my application's CSRF defenses. I can get around these problems by disabling a few features, but I am concerned that I may be approaching this problem the wrong way. My application defends against CSRF attacks by (1) checking the Origin and Referer headers and (2) using the double-submit cookie pattern. (I.e. we submit a CSRF token in the cookie and form...

    1 Agent Answer    0 Community Answer
    Dec 15, 2017 10:54PM UTC
  • set a scope and do not logout

    Hi, I'm not sure if I'm the problem or if something has changed :-) so let me explain. I'm testing an application where a logout can be done with a URL like www.site.com/index.php?module=Users&action=Logout . In the tab Target > Scope I remember I had per default logout, logoff, signoff and exit in "Exclude from scope". Hint: "Use advanced scope control...

    3 Agent Answers    2 Community Answers
    Dec 13, 2017 03:21PM UTC
  • uninstalling burp suit free version from ubuntu 17.04

    I have installed free burp suite version on ubuntu 17.04 . I have bought professional version license key. I wish uninstall this free burp suite and install the professional burp suite. I have failed to find any help on how to uninstall burp suite free version from ubuntu. 1) Kindly help me with the steps on how to uninstall burp suite (the free version I have).\ 2) Is there a possibility tha...

    1 Agent Answer    0 Community Answer
    Dec 13, 2017 09:56AM UTC
  • [Burp Proxy with Android] No connection to proxy from other device

    Hello, I've recently had this error pop up and I'm unable to fix it. I'm trying to intercept http traffic from my Android device with Burp, I have done this with the exact same setup a few days ago and it worked fine, however the phone now behaves as if Burp proxy weren't up, it shows me a standard "Misconfigured proxy/Proxy refused connection" error message whatev...

    1 Agent Answer    2 Community Answers
    Dec 12, 2017 04:41PM UTC