Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

How Do I?

Make a new post

  • Proxy configuration

    I have a Web application that is accessible via a proxy that needs to be configured in browser and it is on 8080 port. How to intercept it using burp suite to get its traffic via 127.0.0.1:8080

    2 Agent Answers    1 Community Answer
    Sep 27, 2017 06:53PM UTC
  • Alter the request content sent and received from the scanner

    Hi, So I'm trying to write an extender plugin which will decode a fasterinfoset encoded request body before sending it to the scanner so that injection points can be correctly identified. It should then re-encode the scanner output before being sent, but I can't see how to hook into the scanner in this way. Thanks!

    1 Agent Answer    0 Community Answer
    Sep 26, 2017 12:59PM UTC
  • Sharing HTTP history of Proxy and Scanner Result

    Hi there! We share work on one Web site. So We want to work with Burp suite more than one person. We would like to work while sharing the HTTP history of Proxy and Scanner Result. How can We do it? If We can't, Is there a way to combine multiple reports into one?

    1 Agent Answer    0 Community Answer
    Sep 26, 2017 03:10AM UTC
  • silent install

    Is there anyway to perform a silent install of your software?

    1 Agent Answer    0 Community Answer
    Sep 22, 2017 09:36PM UTC
  • Help reading reports better to verify issue with manual scanning

    After I finished scanning a website, I use the Burp suite reporting tool and save the file with a html file ext. When I going over the reports and someone asked me to verify that issue. The issue is part of filename multipart parameter attribute. I am having trouble putting the exact weblink to test like SQL or XSS issue that is listed as severity high confidence firm in the request part of...

    2 Agent Answers    1 Community Answer
    Sep 22, 2017 06:21PM UTC
  • Make SSL work with Chrome (yes, I read the installation procs)

    After banging my head for half an hour, I think Burp Suite's Certificate is out of date in regards to Google Chrome. I'm using Mac, the certificate's been correctly installed for a long time in my KeyChain (used to work fine in Chrome). Now it's not, so I reinstalled everything except Chrome, generated new CA etc. The whole thing. Still not working, classical NET::ERR_CERT_C...

    5 Agent Answers    4 Community Answers
    Sep 17, 2017 09:43PM UTC
  • Cross-Site Scripting (Stored) Issue Inconsistency

    Hello, I ran a scan of an application and a Cross-Site Scripting (Stored) issue was reported at an Informational level. One of the parameters of the PUT request accepted a payload of j5kts<script>alert(1)</script>jveob, which was then returned in a subsequent GET request. After not changing anything about the application or the scanning options, I ran the scan of that endpoint (b...

    1 Agent Answer    0 Community Answer
    Sep 14, 2017 02:07PM UTC
  • Communication to 54.246.133.196

    Burp communicates with the IP 54.246.133.196. How can I disable this?

    2 Agent Answers    1 Community Answer
    Sep 12, 2017 06:56AM UTC
  • Forward Request to Burp Suite

    How to forward request to Burp Suite from browser, if browser proxy settings are disabled due to Group Policy. There is no Connection tab in the IE to set proxy. Please help.

    2 Agent Answers    1 Community Answer
    Sep 12, 2017 03:26AM UTC
  • How should I config if i need parse https data?

    I use Mac + Burpsuite + chrome (v61.0) + SwitchyOmega , and I had tried almost all tutorials to setup CA and it doesn't work. I followed this steps: 1. I access 127.0.0.1:8080 and download the cacert.der CA file. 2. I double click this file and it jumps to mac system 'key string access'. 3. I use file -> import project to import this CA file and modify the attribute to '...

    1 Agent Answer    0 Community Answer
    Sep 09, 2017 02:52AM UTC