Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Bug Reports

Report a bug

  • Burp Suite Chrome Cert Error: Error net::ERR_CERT_REVOKED

    Hi, I'm running: Linux Mint 19.1 Chrome Version 73.0.3683.86 Burp Suite Pro v2.0.18 Beta And I'm getting a bunch of net::ERR_CERT_REVOKED when I use the Burp Suite proxy in Chrome. Cert is working perfectly in Firefox. Also attempted using the non-beta version of Burp Pro and got the same results. Followed the documentation to the letter and generated a new cert. All to no ...

    0 Community Answer
    Mar 25, 2019 11:46PM UTC
  • Not getting email for the for Trial Enterprise verison and reived email regarding Expiry

    Hi I have requested for Trial Enterprise Download. I did not received any email for login or download Today I received email regarding Expiration. Please provide support here. I need to do POC on Burp Suite Enterprise for Security testing Regards Ali Asgar

    2 Agent Answers    0 Community Answer
    Mar 22, 2019 09:30AM UTC
  • External Service Interaction False Positive

    While running active scan against a site while on a VPN, Burp reported an issue for External Service interaction. However, the service being interacted with is coming from my Public IP on the VPN and not from the site I am testing (like I would expect for SSRF). I reran the scan from a VDI that's not over VPN against the same site and the issue did not show up. Has anyone else ever run int...

    2 Agent Answers    1 Community Answer
    Mar 19, 2019 06:38PM UTC
  • Burp Suite Pro doesn't launch

    Attempting to install/move to Fedora and failing to launch Burp. Resulting error message: Suite: Environment not supported by embedded browser. Use 'Embedded Browser Health Check' for more details.

    2 Agent Answers    1 Community Answer
    Mar 19, 2019 03:42PM UTC
  • Strange XSS false positives in scanning.

    I was trying to scan an application with Burp. The scanner found around 20 XSS and in the scanner, the request and how the payload was reflected in the response was clear in the response tab. However, when trying to manually verify the exploit (the the same payload to the same URL) the payload was HTML encoded. How comes that it in clear in the "Response" tab and encoded in the page?

    2 Agent Answers    0 Community Answer
    Mar 17, 2019 01:50AM UTC
  • Burp crashes after suspending and resuming in VMWare Workstation

    I am using Burp in a Kali Linux VM (guest) with VMWare Fusion on a MacOS host. I have VMWare tools installed in the guest. The Burp project file is stored in a folder on the host that is mounted in the Kali guest with vmhgfs-fuse. When I suspend and later resume the VM Burp becomes unstable. I understand that this might be a Java + VMware problem but I would like to be able to pause my work wit...

    1 Agent Answer    0 Community Answer
    Mar 15, 2019 08:11AM UTC
  • Burp 2 active scanner paused

    Hello, I am running Burp professional v2.0.18 on Kali os. Whenever i send a request for audit scan, burp does not automatically start sending requests. I have made sure that no tasks are paused (individually or all together). Even if I pause and then proceed the task requests will not be sent out and progress will be at 0%. The only solution at the moment is to restart Burp and proceed task e...

    1 Agent Answer    0 Community Answer
    Mar 14, 2019 02:01PM UTC
  • Burp v2.0.18beta - Some issues not showing from active scanner in target - issues

    Some issues are not being displayed in the target > issues area, These are visible from the issue activity in dashboard but not appearing in Target > issues. Step 1. Set up live audit from proxy (suite scope) Step 2. Intercept and scan traffic Step 3. go to Target > under the issues tab on the top right, some issues will not appear.

    1 Agent Answer    0 Community Answer
    Mar 08, 2019 09:32AM UTC
  • Beta Crawler does not work

    I attempt to crawl a webpage by giving the crawler the root of a website. However it does not find anything and says "1 locations crawled". I have tried different settings such as changing the crawl strategy to "Most Complete", etc. In v1.7 I was able to use the spider to actually map out the application. But no luck so far with Beta V2.

    1 Agent Answer    0 Community Answer
    Mar 07, 2019 06:14AM UTC
  • Link manipulation and Open rediraction (DOM-based) - JQuery Mobile

    Hi all, we use in our application. Burp scan found a Link manipulation (DOM-based) and Open redirection (DOM-based) vulnerabilities in JQuery Mobile sources: Open redirection (DOM-based): Issue detail The application may be vulnerable to DOM-based open redirection. Data is read from location.href and passed to location.href via the following statement: d!==j?(...

    1 Agent Answer    0 Community Answer
    Mar 06, 2019 09:37AM UTC