Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Bug Reports

Report a bug

  • Burp Infiltrator and WebGoat JAR

    Hi there, I downloaded the latest WebGoat release here: I tried running Burp Infiltrator in the same folder (eg. /tmp/webgoat/) After trying to run WebGoat JAR file, I get those errors: ```bash java -jar webgoat-server-8.0.0.M9.jar Exception in thread "main" java.lang.IllegalStateException: Failed to get nested archive for entry ...

    1 Agent Answer    0 Community Answer
    Jan 27, 2018 01:40PM UTC
  • Scanner Issue Activity import project

    When importing a project the scanner issue activity remained empty, no issues were imported. However, when opening the same project normally (during start up of Burp), all of the issues populated the scanner issue activity. Thanks, Paul

    2 Agent Answers    1 Community Answer
    Jan 23, 2018 12:05AM UTC
  • Burp import project

    Thanks for the new "Burp import project" feature. Burp requires that you have a disk-based project to be able to import projects after opening Burp. So if you have a temporary project then you cannot import. When you save the temporary project, it then becomes a disk based project, but Burp will not let you import a project. There is a way around this, which is to close Burp, re-op...

    1 Agent Answer    1 Community Answer
    Jan 22, 2018 11:52PM UTC
  • Memory Leak

    Hello, I upgraded Burp today to 1.7.31 on a Kali Linux virtual machine, it runs for about 20 minutes, eats all the RAM, and falls over, even on a very simple site with no scanning (other than passive, and no static code analysis on that). I am going to have to try and downgrade it as I'm in the middle of a job, so not a lot of detail in this post I'm afraid! I've tried seeing if the...

    3 Agent Answers    3 Community Answers
    Jan 22, 2018 01:52PM UTC
  • Not able to upgrade the Burp Suite from v1.7.07 to 1.7.30

    I have Burp Suite of version v1.7.07 installed on machine now wanted to upgrade it to the latest version 1.7.30 I clicked on 'Update Now' button, downloading is completed till 100% but nothing will happen then. Please suggest.

    1 Agent Answer    1 Community Answer
    Jan 15, 2018 01:06PM UTC
  • Intruder not starting a saved attack

    Hi All I have been running an intruder attack and saving periodically and restarting without issues. However following a necessary save, reboot and resume i have been unable to get intruder to successfully open the saved attack. I am running the latest version and have tried this on multiple machines. Any help or advice greatly appreciated

    1 Agent Answer    0 Community Answer
    Jan 05, 2018 11:35AM UTC
  • Excluded scanner issue still showing up in report

    Using 1.7.30 Minor thing here... I excluded a bunch of individual scan issues and ran a scan. In the final results, I still had "Python code injection" showing up in the results of issue types, even though it was excluded.

    3 Agent Answers    4 Community Answers
    Jan 02, 2018 06:08PM UTC
  • Unable to use Burp with latest version of Firefox

    Hello, No matter what website I try to access, I get the "Invalid client request received" from Burp and then this error. It might be an issue with Firefox because it creates a request with GET HTTP/1.1 instead of only the resource without the host. Is this an issue that other reported or is only on my side? Burp Suite Professional E...

    3 Agent Answers    3 Community Answers
    Dec 20, 2017 03:40PM UTC
  • Burp Intruder Missing Delimiter

    Hi, I have seen an unexpected behaviour in Burp when using Intruder and fuzz points. Within the Intruder you can define fuzz points via the § character, however, you don't have to use two of them. If only one § is used, then everything between § and the end of the request is considered as insertion point. This would be fine and probably a good idea as this would save the lazy consultant t...

    1 Agent Answer    0 Community Answer
    Dec 18, 2017 04:31PM UTC
  • Active Scanning Using Default Collaborator Server Spoofing Instead of Private Collaborator Server

    Under Project Options, I have "Use a private Collaborator server" selected with the name of an external Ubuntu 16.04LTS host that has Burp Collaborator Server running on it. However, when I dig through the results from the Active Scanner, Burp is embedding spoofed addresses for the public Collaborator Server instead of my private Collaborator Server: Cache-Control: no-transform X-...

    1 Agent Answer    0 Community Answer
    Dec 09, 2017 12:04AM UTC