Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Bug Reports

Report a bug

  • GetParameters (IRequestInfo) bug

    Hi, I am using the "getParameters()" method of IRequestInfo and I have found a bug. When a request is parsed by this method it returns all the parameters that it found in "get parameters", "post parameters" and cookies. If the following request is parsed by this method: GET /url.php?param1=value1 Host: x.x.x.x Cookie: cookie1=value2 GetParameters() returns:...

    1 Agent Answer    0 Community Answer
    Apr 16, 2015 11:20PM UTC
  • BurpSuite not running on Java version 8u45, had to downgrade to 7u75

    Hi, I recently tried running BurpSuite (current version) and was unable to run it with Java 8u45. I downgraded Java to 7u75 and it worked again. Has anyone else seen this error? # A fatal error has been detected by the Java Runtime Environment: # # EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x73064580, pid=5952, tid=1480 # # JRE version: Java(TM) SE Runtime Environment (8.0_40-b25) (...

    1 Agent Answer    0 Community Answer
    Apr 16, 2015 04:27PM UTC
  • XML and XPath false positives in scanner module

    The scanner module reports XML and XPath false positives when it finds certain strings (e.g. xmlschema, ajaxpath) in the the response of automated scans, but it does not consider when those same strings were already present in the original response to unaltered requests.

    1 Agent Answer    0 Community Answer
    Apr 14, 2015 05:47PM UTC
  • Hidden API for IHttpRequestResponse objects?

    Hello, I found a suprising behavior in the Extender API (using Jython). Because of a typo, I called getUrl() on some IHttpRequestResponse objects... and it worked! Given the API documentation (both online http://portswigger.net/burp/extender/api/burp/IHttpRequestResponse.html or in-app), there's no function with that name in these objects. In fact, getUrl() exists only for IRequestInfo obj...

    1 Agent Answer    1 Community Answer
    Apr 14, 2015 08:42AM UTC
  • Window issues on Mac OS 10.10

    On Mac OS 10.10, when Burp Free is running, it doesn't show up in the dock, or in the command-tab window switcher. So it's difficult to switch to it. When you minimize it, its window does show up in the dock. But then when you click it, it appears behind any other open applications' windows.

    1 Agent Answer    0 Community Answer
    Apr 13, 2015 03:52PM UTC
  • Java RE 6 Required?

    I am in my 14-day evaluation period of Burp Suite. Yesterday I attempted to test a site via https; Burp Suite would not perform the test using Java RE version 8. I had to downgrade to version 6 of the JRE ( a version chock full of security problems and no longer supported by Oracle). What is Portswigger's plan to correct this problem?

    1 Agent Answer    0 Community Answer
    Apr 10, 2015 12:54PM UTC
  • Not tracking extension properly

    Extender > BApp Store None of the Installed boxes are checked. But if select certain extensions like .NET Beautifier, under the description the Install button is greyed out.

    1 Agent Answer    0 Community Answer
    Apr 10, 2015 01:21AM UTC
  • Spider this branch

    Scans the branch, then the rest of the directory tree.

    1 Agent Answer    0 Community Answer
    Apr 09, 2015 11:32PM UTC
  • GUI hanging on Windows 8.1 64-bit?

    Hola, I've just set up a new install of Windows 8.1 64-bit (fully patched) with the latest (AFAIK) versions of Java and Burpsuite (running as "java -jar -Xmx4096m burpsuite_pro_v1.6.14.jar" from a command prompt with admin privs). I'm getting GUI hangs within Burp. It still appears to actually be passing traffic - but the GUI is completely non-responsive. I can browse to...

    2 Agent Answers    2 Community Answers
    Apr 09, 2015 11:03AM UTC
  • Temporary files not deleted upon exit

    I've been waiting since 5 versions ago for this to be fixed. We're now at 1.6.14 and the issue is still there: Burp does not delete its temporary files/folders upon exit and thus, on subsequent launch, it asks for temporary folders to be deleted. It's been reported since 1.6.09 and you guys are also aware about this issue since 1.6.08: http://forum.portswigger.net/thread/166...

    4 Agent Answers    5 Community Answers
    Apr 02, 2015 04:09AM UTC