Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

How Do I?

Make a new post

  • Macro+soap service

    Hello, I have to test a soap service. Specifically a function that deletes a token. For the deletion to be successful I need to use the function to create it. So i created a macro that runs the creation and I have set the custom position of the token. However I cannot use this token to the deletion function that I want to test. This fails probably because the parameter is not "normal" - ...

    1 Agent Answer    1 Community Answer
    Sep 07, 2017 11:16PM UTC
  • Configure Cluster bomb

    Let's say I use a cluster bomb attack with the repeater on this request (a quiz in which you can pass by checking the 3 corrects answers: &answer1=§0§&answer2=§0§&answer3=§0§&answer4=§0§&answer5=§0§&answer6=§0§&good_answers=3 For my payload type, I use a simple list with two string... 0( answer not chosen) and 1(answer choosen) This give me a total of 64 ...

    2 Agent Answers    3 Community Answers
    Sep 07, 2017 05:03AM UTC
  • Private Burp Collaborator Daemon Stop/Start

    Hi there, I just moved the newest burpsuite pro jar to my existing, private collaborator server, but I'm having some trouble with the daemon which I'd like to stop & start to apply the newest jar. I've issued a stop to it (sudo /etc/init.d/burp-collaborator stop) but the process continues and clearly is not stopping. Any ideas on the best way apply the latest jar given these c...

    1 Agent Answer    0 Community Answer
    Sep 05, 2017 02:46PM UTC
  • Advanced Proxy Settings

    I asked the following query a couple of days back: - I want to access a server which is in a different part of the globe. If I access to the server, I get an error of being outside of that country. If I use fiddler and add a simple flag of "X-override Gateway" in the script, I am able to access the application. So, in Burp Suite I changed the upstream proxy settings , still I am getti...

    1 Agent Answer    0 Community Answer
    Sep 01, 2017 06:39AM UTC
  • How to fix a corrupted project file?

    Hey, I had a Burp session running when my laptop restarted itself overnight. After starting new session and choosing and existing project file which was in use before laptop restarted I get information that "selected project file appears to be corrupt and cannot be opened". After specifying new or existing empty file from a file chooser and clicking the repair button Burp returns &quo...

    5 Agent Answers    5 Community Answers
    Sep 01, 2017 02:37AM UTC
  • How to launch Intruder attack from command line

    Hi, I would like to know if there is a way to record an Intruder attack so that it would be possible to launch it again from command line. The idea is to automatically launch fuzz testing. Through my research, I saw it might be possible to do so for scan and spider with Burp extender Carbonator, but nothing seems to be available for the intruder feature : https://support.portswigger.net...

    1 Agent Answer    0 Community Answer
    Aug 31, 2017 10:25AM UTC
  • How to launch Intruder attack from command line

    Hi, I would like to know if there is a way to record an Intruder attack so that it would be possible to launch it again from command line. The idea is to automatically launch fuzz testing. Through my research, I saw it might be possible to do so for scan and spider with Burp extender Carbonator, but nothing seems to be available for the intruder feature : https://support.portswigger.net...

    1 Agent Answer    0 Community Answer
    Aug 31, 2017 10:25AM UTC
  • Advanced Proxy settings

    I want to access a server which is in a different part of the globe. If I access to the server, I get an error of being outside of that country. If I use fiddler and add a simple flag of "X-override Gateway" in the script, I am able to access the application. So, in Burp Suite I changed the upstream proxy settings , still I am getting an error of being outside the country. I even trie...

    2 Agent Answers    1 Community Answer
    Aug 30, 2017 10:35AM UTC
  • Compare site maps with different Cookies

    I have an application with Basic Authentication as login. If access is granted, the user is tracked by cookie (PHPSESSID). The application was spidered and scanned as admin user. Now I want to compare the site map with one from another user (less privileges). Since it is not useful to do all the spidering again (could be that some URL is missing), I want to compare this saved site map (admin u...

    1 Agent Answer    0 Community Answer
    Aug 28, 2017 06:16PM UTC
  • SSL Certificate Fatal Error - Burp 1.7.26 Pro version. Is there any issue reported already?

    Hi, Very strange to ask this, but have been using Burp Pro version since long 4-5 years approx. All was working fine until BurpSuite 1.7.25. Since BurpSuite 1.7.26, HTTPS Urls from apps(works good through Browsers) encounter the SSL certificate fatal error on multiple devices(Android and IOS). Have tried replacing the certificate by clearing already installed Burp Certificate. Setup: Burp...

    1 Agent Answer    2 Community Answers
    Aug 28, 2017 02:46PM UTC