Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

How Do I?

Make a new post

  • Moving temporary files to another drive.

    Burp is taking up a lot of space on my C drive. How can I configure it to use E drive instead?

    2 Agent Answers    1 Community Answer
    Jan 21, 2016 08:21PM UTC
  • viewing and modifying spider queues

    There are x number of requests queued in Spider and y number of forms queued. How can we see these queues (and modify them)?

    2 Agent Answers    1 Community Answer
    Jan 21, 2016 08:10PM UTC
  • multiple sessions

    How can we run 2 individual sessions of Burp Suite concurrently? For example, if we need to switch between two work cases frequently.

    1 Agent Answer    1 Community Answer
    Jan 21, 2016 06:37PM UTC
  • high contrast colors

    Hi, in "Target >> Site map", entries are colored black and gray. Is there any setting in options to change the colors to a "high contrast" pair? My eyes can't quite tell the contrast between black and gray.

    1 Agent Answer    0 Community Answer
    Jan 21, 2016 06:19PM UTC
  • Which tutorial to read?

    Good afternoon, I see two tutorials. One at https://portswigger.net/burp/help/contents.html (documentation) and the other at https://support.portswigger.net/#SC_IndexPageTopics (supportcenter) Why are there two tutorials? Assuming that I only have the time to go through one of them, should I read then first tutorial or the second one? Best regards

    2 Agent Answers    1 Community Answer
    Jan 21, 2016 03:05AM UTC
  • SSL certificate issue

    How can I prevent my scans from reporting an SSL certificate issue Severity: Medium Confidence: Certain Host: https://localhost:44300 Path: / "The server's certificate is not trusted" Issued to: localhost Issued by: CN=localhost I'm using IIS express and have added the certificate to the windows store, so I can navigate in the browser without being prompted to conti...

    3 Agent Answers    2 Community Answers
    Jan 15, 2016 11:38AM UTC
  • I encountered the issue of reset connection

    I have experienced "reset connect" from Proxy option. In the way, I try every possible solution but just can't get rid of it. Plus, this error message appeared after I have scanned certain host. So what should I do.

    5 Agent Answers    5 Community Answers
    Jan 14, 2016 09:22AM UTC
  • Scanner Issue activity

    Hello, How can I preserve the "issue activity" contents across restores? Thank you

    1 Agent Answer    0 Community Answer
    Jan 13, 2016 11:27PM UTC
  • burp active scan

    Hi, I am testing a web page (a form) that allows you to make the changes for several fields. The form has several parameters in POST request (name and value pair in the body). If you do not make any changes, and hit submit, it will come back "no change made" page. If you do make change, it will come back with "confirmation page". I did two tests (1) made no change in reques...

    1 Agent Answer    0 Community Answer
    Jan 13, 2016 03:48PM UTC
  • Severity Ratings

    I understand that the severity ratings are defined based upon the experience of your security researchers and and seeing the vulnerabilities in real applications. What I have not yet been able to identify is what exactly a High, Medium or Low actually means. If a vulnerability is identified as High, what does that mean? Does a high mean that the effort needed to exploit is trivial, and the da...

    1 Agent Answer    0 Community Answer
    Jan 11, 2016 07:09PM UTC