Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

How Do I?

Make a new post

  • Proxy (VPN) Help [URGENT]

    Hello, I've got Burp Suite Professional and I've got a test Process here for my Website, that it attempts a combination of a specific E-Mail and a bunch of Passwords. However, I've put it (on my Website), so if the user inputs 10 times the wrong Password, you can try again in 30 Minutes. Is it possible to insert some kind of Proxy/VPN to Burp Suite, so every 10 attempts, switch I...

    1 Agent Answer    0 Community Answer
    Jul 22, 2015 11:00PM UTC
  • the restoreState() function gives a runtime error

    I'm developing an extension that pulls back a list of saved burp states into a table. I'm trying to get the application to restore the burp state when one of these items is clicked. Unfortunatly Burp is giving me a runtime error when the file is accessed. I'm even manually added the path to a known file and still get same error. Any idea what i'm doing wrong here? Here is my...

    4 Agent Answers    2 Community Answers
    Jul 20, 2015 04:53PM UTC
  • Burp Collaborator - Wildcard certificate problem

    Hi all, I have an internal collaborator Server up and running on a physical server with the following config: { "serverDomain" : "collaborator.test.com" "eventCapture" : { "https": { "hostname" : "collaborator.test.com" } }, "polling" : { "https": { "hostname"...

    3 Agent Answers    1 Community Answer
    Jul 18, 2015 07:27AM UTC
  • Burp Not capturing the request even the intercept on

    Here i want the solution of this issue Burp Not capturing the request even the intercept on and i can see the brup target its capturing but not the intercept even if the scanner also capturing but in intercept tab even its on no request is showing

    1 Agent Answer    1 Community Answer
    Jul 18, 2015 01:43AM UTC
  • How do I re-link burp to a /tmp/burpxxxxxxx.tmp/ folder after it crashed

    I had TONS of data in that burp session before Java gave up and cashed. I absolutely need it back.

    2 Agent Answers    1 Community Answer
    Jul 17, 2015 05:19PM UTC
  • 'Interface port 8080 is not running'

    Hi, I am using Burp Suite 1.6 Free Edition. in proxy option and proxy Listeners section my Interface (127.0.0.1:8080), Running Check Box is not checked ! how do i?, i click the CheckBox but nothing to show. pls help me pic -> http://s6.uplod.ir/i/00638/5zoazva0jd3s.png

    1 Agent Answer    0 Community Answer
    Jul 11, 2015 01:41AM UTC
  • Determining number of requests/attacks made

    I am scanning two websites for XSS attacks (or any other test) only One is ASP.net and other is PHP. Lets say I am testing only URL parameter value and in both the cases there 5 parameters each Question 1: For both the websites, number of attack requests sent will be the same or the number of requests will differ ? (since they have same number of parameters) Question 2: If the number ...

    1 Agent Answer    0 Community Answer
    Jul 10, 2015 01:07PM UTC
  • Handling Multi-Staged Logins for Scan with Burp

    I am trying to automate the login process and validation of successful login via Burp Session Handling/Macros. This login requires an initial POST that includes the username/password, then, in the response to the initial POST, it asks the user to answer one of four different secondary questions (favorite color, city you live in, etc.), which you answer and send back in the second POST to compl...

    4 Agent Answers    4 Community Answers
    Jul 09, 2015 06:23PM UTC
  • changing responses exiting burp

    A thick java application needs gzipped responses, so I'm trying to make an extension that re-gzips HTTP responses going from burp to the application. However I can't find the right callback to register. Both IHttpListener and IProxyListener hook before I can manually edit the response. I want the extension to act after editing (when I click the forward button).

    1 Agent Answer    1 Community Answer
    Jul 09, 2015 09:35AM UTC
  • intercept proxy based applications

    I was trying to intercept an application (Internet Download Manager) requests after I configured it's proxy, I was able to intercept the request, however I don't receive response. could it be a certificate problem? if not, what is it

    3 Agent Answers    2 Community Answers
    Jul 09, 2015 05:40AM UTC