Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Bug Reports

Report a bug

  • java.lang.ClassCastException: javax.swing.plaf.ColorUIResource cannot be cast to javax.swing.Painter

    I open burp using Oracle Java 8: $ java -version java version "1.8.0_31" Java(TM) SE Runtime Environment (build 1.8.0_31-b13) Java HotSpot(TM) 64-Bit Server VM (build 25.31-b07, mixed mode) And I got the following error: java.lang.ClassCastException: javax.swing.plaf.ColorUIResource cannot be cast to javax.swing.Painter at javax.swing.plaf.nimbus.NimbusStyle.getBackgroundPain...

    2 Agent Answers    1 Community Answer
    Feb 18, 2015 10:30AM UTC
  • Alert message while testing a website with its hostname

    Hi Team, We are getting some issues while executing Burp Suite. When we execute the Burp Suite for a site with its IP, then it is working fine but when we are executing the same with its host name, we are getting Alert message in the Burp Suite.

    1 Agent Answer    0 Community Answer
    Feb 16, 2015 01:28PM UTC
  • Separation of query string

    Hi, When I access a URL like following Burp recognizes one parameter its name="JSESSIONID", value="foo?bar=baz". http://localhost/;JSESSIONID=foo?bar=baz Screenshots: http://imgur.com/OY9NkvU (Raw tab) http://imgur.com/sO1HAaE (Params tab) Burp Suite v1.6.10 Windows 7 64bit

    2 Agent Answers    2 Community Answers
    Feb 08, 2015 06:50AM UTC
  • Uppercase when authenticated with NTLM

    Hello, I want to report a important bug. If I use NTLM authentication burpsuite always sets uppercase letters for the login and for some case sensitive database it is problem. Thanks for repair. Excellent would be option, that what I write to login field, the same string will be in the request. Marek

    1 Agent Answer    0 Community Answer
    Feb 06, 2015 02:12PM UTC
  • Font size

    When adjusting the font size, there is no changes to the HTTP message section.

    2 Agent Answers    1 Community Answer
    Feb 02, 2015 01:46AM UTC
  • Scan queue being reordered

    Pause the scanner, save the state and close Burp. Open Burp and restore the state. The number column under Scanner > Scan queue has been reordered starting at 1 instead of the previous numbers.

    1 Agent Answer    0 Community Answer
    Feb 02, 2015 01:41AM UTC
  • Row highlights

    Let's say you have 20 items. You select row 10, hold down 'shift' and hit the 'up' button three times. Instead of lines 7-10 being highlighted, only lines 7-8 highlighted.

    1 Agent Answer    0 Community Answer
    Feb 02, 2015 01:37AM UTC
  • Freezes in scanner

    Hi I've have problems running the scanner in 1.6.09, it's very unreliable. It just stopps scanning for no obvious reason, but it is a least not frozen. I can then save the state, kill Burp and reload the state. The scan will then continue for a few more URLs before freezing again. I have tried to set down the number of concurrent connections to just one, but it still just stops. T...

    2 Agent Answers    4 Community Answers
    Jan 30, 2015 08:52AM UTC
  • interface catastrophically broken in recently updated Debian 7

    BURP Version: 1.6.09 Debian version: 7.8 (Wheezy) JRE: both OpenJDK and Oracle JRE XOrg Server: both XVFB and QXL Invocation: java -jar ./burpsuite_pro_v1.6.09.jar Mode of failure: Burp Suite windows do not respond to any mouse input. Cannot interact with any buttons, tabs, lists, tables, text fields, scroll bars, etc. Other applications work fine. Prior to Monday, Jan 26, Burp Suite...

    2 Agent Answers    1 Community Answer
    Jan 29, 2015 12:31AM UTC
  • Missed DOM XSS

    We were testing your DOM XSS scanning capability against test web sites (from the makers of Ra.2) and noted to obvious false-negatives that were missed. EXAMPLE 1: http://www.daspatnaik.com/test/demo/dom-xss-02.html RESPONSE 1: <html> <head> <title> DOM XSS 02 </title> <script type="text/javascript"> function timedMsg(callback) ...

    1 Agent Answer    0 Community Answer
    Jan 23, 2015 07:41PM UTC