Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

How Do I?

Make a new post

  • Installing Burp Suite SSL cert Firefox-Linux

    I have selected Manual proxy configuration in Firefox and turned the Intercept on in burp suite. When I visit a site I get the "Secure connection failed" error, so I am now trying to install Burp's SSL certificate. But when I go to http://burp I get "404 not found - nginx/1.4.6(ubuntu)"

    1 Agent Answer    0 Community Answer
    Jul 12, 2017 02:36AM UTC
  • How to resolve error code sec_error_unknown_issuer

    How to resolve error code sec_error_unknown_issuer? Why this error occured ? I am using mozilla as well as chrome. Its not working on any of those.

    1 Agent Answer    0 Community Answer
    Jul 10, 2017 06:17AM UTC
  • Macro changing all parameters, despite Session Handling Settings

    Hi There, I setup a Macro to capture a CSRF token and that piece in and of itself is working wonderfully. The problem is that the Macro changes all of my macro values to the default values saved from when the macro was recorded. This doesn't matter if I have the macro settings set to preset or from the previous response. Nor does it matter if I have set Burp to only change a specific ...

    1 Agent Answer    0 Community Answer
    Jul 07, 2017 11:44PM UTC
  • Burp Collaborator DNS Configuration

    Hi, I'm currently experiencing issues configuring DNS settings on a Burp Collaborator server I have deployed on a cloud instance. The server is within a sub-domain of my companies domain. Within the documentation it mentions that you have to configure your domain so that DNS for the domain is delegated to your collaborator server. Little confused about this. Does anyone have a solid founda...

    1 Agent Answer    0 Community Answer
    Jul 07, 2017 06:50PM UTC
  • Skipping server side tests for .js and .css files

    How do I set the active scanner to skip server side tests for all .js and .css files? I currently have the following set with the scanner options tab and its not working: Skip server-side tests for: Parameter = URL path filename Item = Value Match Type = Matches Regex Matches Expression = (\.css|.\woff2|\.woff|\.png|\.jpg|\.ico|\.svg |\.js)

    1 Agent Answer    0 Community Answer
    Jul 05, 2017 07:19PM UTC
  • Start a Temp Project with Cli

    Hi, We are limited to use Java 32bit and since it's not very supported it's not possible to work with projects, is there a way to work with temp projects automatically? i.e. launch burp without all the fancy start up wizards? (passing a config works fine)

    2 Agent Answers    2 Community Answers
    Jul 04, 2017 06:08PM UTC
  • Auto-reject client requests for sites with bad certificates

    I'd like to configure Burp Suite to automatically reject requests from the client for sites with bad certificates. This seems really basic, but I haven't found a way to do this. Using badssl.com for testing, Burp Suite lets all of the bad certs right through. Thank you in advance for your help.

    1 Agent Answer    0 Community Answer
    Jun 29, 2017 03:28AM UTC
  • Testing web services

    Is burp capable of testing web services - can all test cases defined in OWASP cheat sheet be tested ? https://www.owasp.org/index.php/Web_Service_Security_Testing_Cheat_Sheet

    1 Agent Answer    0 Community Answer
    Jun 28, 2017 02:22PM UTC
  • spider authentication error

    Hi, I am facing authentication errors when I try to Spider my application. I have enabled proxy and I am already logged into the application. When I start the Spider all the queued requests throw following error, <!DOCTYPE html><html><head><title>Apache Tomcat - Error report</title><style type="text/css">H1 {font-family:Tahoma,Arial,sans-serif;colo...

    2 Agent Answers    1 Community Answer
    Jun 28, 2017 02:14AM UTC
  • JavaScript not detected error?

    I am getting

    1 Agent Answer    1 Community Answer
    Jun 28, 2017 01:17AM UTC