Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

How Do I?

Make a new post

  • not able access the mobile request after a successful configuration.

    Not able access the mobile request after a successful configuration with the mobile device as instruction shown over the portswigger page can anyone help me quick need urgent.

    1 Agent Answer    0 Community Answer
    May 31, 2017 05:23PM UTC
  • hi

    Team, I am getting below error while running burp suite "client failed to negotiate an SSL connection to " " :443.remote

    1 Agent Answer    0 Community Answer
    May 29, 2017 08:43AM UTC
  • JRE Install didn't work.

    I followed the "Getting Started" instructions. Checked for Java, did not find it, downloaded latest JRE, tried to install it and got error message to run SxsTrace. Not sure what to do next and finding nothing in any of your documentation or forums, so uninstalling BurpSuite. Thanks.

    1 Agent Answer    0 Community Answer
    May 29, 2017 01:11AM UTC
  • How Do I: Tell Intruder that a particular field must be unique for every request?

    Hey, I have a web app that has an "Add User" feature. The form submission includes lots of details (about 150) and one of the fields submitted is the "Username" field. I have used the pitchfork attack type and this sort-of works. Unfortunately, it seems to mean that I have to test every single field other than the username individually. I also like using the Intruder t...

    1 Agent Answer    0 Community Answer
    May 25, 2017 01:09PM UTC
  • http://burp problem. help plz

    hello, After proxy connection, http://burp Only proxy history is shown at the time of input CA Certificate Icons do not exist in upper right corner Help plz

    1 Agent Answer    0 Community Answer
    May 25, 2017 09:02AM UTC
  • Trying to connect different proxy instead of localhost.. How can i do it?

    Hi, I am accessing my application through some different proxy and port (not local) and also connected via VPN. Now i need to do security test of that application using Burp. Could you please give me the detailed configuration.

    1 Agent Answer    0 Community Answer
    May 24, 2017 07:30PM UTC
  • Repeater, Update specific parameter

    Hey Guys, following story. I currently pentest an application where the server sends me a token in each response which is processed by the AJAX client. This token is later used as parameter in the follow-up request within a JSON structure. My question is, is there any chance that I can automatically update that value (which comes with the response) for my next request in the repeater. So f...

    3 Agent Answers    3 Community Answers
    May 23, 2017 03:02PM UTC
  • How to write macro for JSF login page

    I have a problem with writting macro for JSF login page. I have done every possible things (remove cookies, javax.faces.ViewState etc.) but I havent figured it out. Any ideas for this problem? Thank you in advanced.

    1 Agent Answer    2 Community Answers
    May 23, 2017 07:26AM UTC
  • burp intruder

    <script>alert(1)</script> How burp insert this payload

    1 Agent Answer    1 Community Answer
    May 19, 2017 11:43AM UTC
  • How do I detect the current SSL protocol

    Hi, I'm using Burp Suite Free Edition v1.7.22 Is there any way to view the current SSL protocol in use while intercepting traffic? SSL 3 vs TLS 1.1, etc.

    2 Agent Answers    1 Community Answer
    May 17, 2017 09:25PM UTC