Getting Started with Burp Suite
Burp Suite Documentation
Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.
Burp Suite Professional and Community editions | Burp Suite Enterprise Edition |
Burp Scanner | Burp Collaborator |
Burp Infiltrator | Full Documentation Contents |
Burp Extender
Burp Extender lets you extend the functionality of Burp Suite in numerous ways.
Extensions can be written in Java, Python or Ruby.
API documentation | Writing your first Burp Suite extension |
Sample extensions | View community discussions about Extensibility |
Bug Reports
Report a bug
-
Intruder: Remove several payloads at the same time
Hi, In intruder, when creating the list of payloads to be injected. If several entries are selected from the list (by using shift or ctrl button) and Remove options is clicked, it does not remove all the selected entries but only one. Regards, Carlos
1 Agent Answer 0 Community AnswerOct 21, 2015 09:14AM UTC -
a couple of UI bugs
Hi, long time user and supporter :D Two small glitches that caught my eye today: 1. tool tips need to be updated with information that issues were moved to Target tab (and that Target is what you need to save in order to save the issues of a project). Currently, the information is misleading, it says to save the scanner tab to save issues. New users will be confused. 2. Report a bug th...
2 Agent Answers 1 Community AnswerOct 12, 2015 01:04PM UTC -
Software caused connection abort: recv failed
Hi I get this error message while running BurpSuite: Software caused connection abort: recv failed Would you please help me resolve the problem? Thank you
1 Agent Answer 2 Community AnswersOct 07, 2015 09:03AM UTC -
Higher unicode characters mangled when pasting
When pasting text into Burp Suite, with the text containing unicode characters with a codepoint higher than 255, Burp Suite will mangle the characters. For characters with a unicode code point lower than 65536, the result is that the higher byte of each code point is discarded. To reproduce: * select the following text and copy it to the clipboard: ňťŬŬůĠŗůŲŬŤġ * in Burp Suite, paste the text...
2 Agent Answers 3 Community AnswersSep 30, 2015 12:37PM UTC -
Probable bug: SQL injection avoidable false positive ?
"Issue detail The [...redacted...] cookie appears to be vulnerable to SQL injection attacks. The payload ' and '6143'='6143 was submitted in the Auth-Portal cookie, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present. The database ...
1 Agent Answer 0 Community AnswerSep 28, 2015 08:54AM UTC -
Dragger not showing after 200 requests
Dragger not showing after >200 requests. Check this https://www.dropbox.com/s/yu9bx9misf57b31/Untitled.png?dl=0
2 Agent Answers 1 Community AnswerSep 27, 2015 03:26PM UTC -
Copy/Paste/Cut shortcuts (CTRL+C/V/X) are not working on Windows 10
I upgraded to windows 10, installed the latest Oracle JRE 1.8.0_60-b27 and now the shortcut copy & paste functionality is not working anymore. I'm working with burpsuite 1.6.27 pro. The functionality worked on Windows 7 SP1 before upgrade. Any suggestions? Is it MS feature (=BUG) or an Oracle feature (=BUG)? Or this is just a great cooperation between them? Or burp uses a JRE key ca...
2 Agent Answers 1 Community AnswerSep 24, 2015 09:34AM UTC -
Fix gray autocomplete orphan dialogs
When working on Kali 2.0 and maybe others, Burp Suite tries to autocomplete previously used input. This generates an empty grey window that, sometimes, remains open and it's added to the list of open windows. Closing this will close Burp suite without prompting for confirmation. root@kali:~/Burp# java -version java version "1.8.0_51" Java(TM) SE Runtime Environment (build 1.8.0...
6 Agent Answers 6 Community AnswersSep 22, 2015 09:58AM UTC -
Parameter of HTTP POST with Content-Type multipart/form-data could not be updated
Hi all I'm not sure if I'm doing something wrong, but I experienced an issue when trying to remove or update a parameter of a multipart/form-data HTTP POST from a java extension. The original parameter is not removed but the new is added additionally to the edited request. Original Message: --------------------------------- POST /test/ HTTP/1.1 Host: testhost.brrrr User-Age...
1 Agent Answer 0 Community AnswerSep 20, 2015 05:49PM UTC -
Infinite .Null Files being created when using generateScanReport() with the file format "HTML&q...
As part of my extension, I am using the generateScanReport() to create both the XML file and the HTML file. However, when I use generateScanReport() with the HTML format, while the HTML file does get created, files with the same name as the HTML file but with .NULL extension start getting created and I tried to stop this by unloading the extension, but it continued to create .NULL extension filed....
1 Agent Answer 1 Community AnswerSep 16, 2015 07:32PM UTC