Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

How Do I?

Make a new post

  • Connection reset error or 502 bad gateway

    I frequently get connection reset error or 502 Bad gateway error while i crawl through a website whereas the initial requests are 200. All the settings and certificates are in place. Not sure on what other settings to make? Please help.

    1 Agent Answer    0 Community Answer
    Feb 06, 2018 12:40PM UTC
  • Create a simple Burp Extension to save scrolled URLs to a txt file

    Hi, I'm trying to learn how to create a burp extension. As a first step I'm trying to create an extension to save scrolled URLs to a text file. Is there any guide can I use. Thanks.

    1 Agent Answer    0 Community Answer
    Feb 04, 2018 03:36AM UTC
  • http://burp doesn't show download CertificateCA

    Hi, I had already follow instruction to configure my browser with burp proxy (127.0.0.1:8080) I had already active burp and make sure the proxy is on (Checked) (127.0.0.1:8080) But when i access http://burp to download CertificateCA, that url just show proxy history, there is not show button to download CertificateCA How would I do to download CertificateCA? Thanks for your support

    1 Agent Answer    0 Community Answer
    Feb 03, 2018 02:43PM UTC
  • UPDATEING BURP ON MAC OSX

    Burp is throwing an error when I try to update to the latest version. I am running burp suite on Mac OSX High Sierra. When upgrading I receive this error message: "/Applications/Burp Suite Community Edition.app/Contents/Plugins/jre.bundle/Contents/Home/jre/LICENSE Could not create this file. Shall I try again?" Any help would be appreciated.

    1 Agent Answer    0 Community Answer
    Feb 03, 2018 07:13AM UTC
  • Burp suite is unable to intercept traffic to and from webgoat (localhost)

    I am trying to intercept traffic to and from webgoat running locally on tomcat server. I am able to see all other traffic but the localhost communication with webgoat is not being intercepted. I have searched multiple forums and articles but there is no help with troubleshooting this. Basic tutorial videos does not help as this is a specific issue.

    2 Agent Answers    3 Community Answers
    Feb 03, 2018 03:10AM UTC
  • Cross-site scripting (DOM-based)

    Burp has created two different tentative DOM XSS issues with this description: "The application may be vulnerable to DOM-based cross-site scripting. Data is read from location and passed to $() via the following statement:" And these are the statements: var path = $(location).attr('pathname') ? $(location).attr('pathname').split('/') : []; and ...

    2 Agent Answers    1 Community Answer
    Jan 29, 2018 01:34PM UTC
  • Failed to connect website.com:443

    I'm having issues connecting to a website, I can connect without the proxy on but as soon as I enable the proxy and try to connect, Burp will give me the "Failed to connect to website.com:443". I've added the site to the Hostname Resolution project options and it would work for a bit, I doubled checked the the Burp ssl cert is loaded as well. I cannot tell whether it is on my...

    1 Agent Answer    0 Community Answer
    Jan 25, 2018 04:46PM UTC
  • Locked due to many failed login attempts as soon as i scan my application

    Issue 1: My application(https://test2.tstraining.com/) is getting locked due to many failed login attempts as soon as i scan my application. Am i sending bunch other invalid passwords ?? I see below article. I don't know whether it is useful on my case as I'm not finding any POST request with invalid password anywhere. https://support.portswigger.net/customer/en/portal/articles/2...

    1 Agent Answer    0 Community Answer
    Jan 24, 2018 09:09PM UTC
  • Viewing Issues

    After running a scan using Community Version v1.7.30 in free mode, I do not see a the Issues tab under Target >> Site Map. After looking at posted screenshots, I see a set of tabs above the Request | Response tabs. I do not have those tabs but instead have a listing of pages with column headers like Host | Method | URL | Params etc. How can I adapt the interface to show the Issues tab?

    1 Agent Answer    0 Community Answer
    Jan 23, 2018 03:27PM UTC
  • Support

    How to remove repeating same letters when brute forcing. Like the program won't make passwords llike aaaaaa or bbcghe because the letters repeat.

    1 Agent Answer    0 Community Answer
    Jan 22, 2018 03:31PM UTC