Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Bug Reports

Report a bug

  • unreliable spelling of Authorization: Bearer in requests leaving the BURP proxy

    My attempts to proxy a couple of requests to a test salesforce instance (get auth token from, post an action to with "Authorization: Bearer TOKEN") got "401 Authorization denied". I temporarily changed my shell script to execute the POST request unencrypted to catch the contents of the request leaving the BURP proxy using Wireshark/NPCap...

    2 Agent Answers    1 Community Answer
    Feb 20, 2018 02:10AM UTC
  • Burp Collaborator WAF triggering/not obeying options

    Hey, I am currently using Burp to run an assessment on a website. They use Incapsula as a WAF, which is being triggered very frequently. At first I thought it might be related to spidering too fast, but I modified the spider to go extremely slow which didn't help. I then tried browsing the site without proxying through Burp and everything worked as expected. I tried to disable collab...

    1 Agent Answer    1 Community Answer
    Feb 11, 2018 12:52AM UTC
  • Received Fatal Alert: Handshake_Failure

    Hi, I am a Burp pro user. My Burp pro throws an error in web screen and Alert tab in the burp like the subject: Received Falat Alert: Handshake_Failure. Firstly, I need to tell you that I took the certificate from http://burp page, then I imported it into my web browser properly. Then I restarted my web browser and Burp Pro. But when I tried to access a specific web site which uses https protoc...

    1 Agent Answer    1 Community Answer
    Feb 08, 2018 01:45PM UTC
  • PortSwigger Certificate invalid

    (I'm using macOS High Sierra 10.13.3 and Burp Suite Community Edition v1.7.32) I've followed the instructions to install the Burp Certificate ( but I still get a security error when I try to visit any URL with both chrome and safari and it won't let me bypass ...

    1 Agent Answer    0 Community Answer
    Feb 04, 2018 09:34AM UTC
  • IParameter Flags

    The flag fields in IParameter are set to default visibility. I'm guessing they are intended to be public.

    1 Agent Answer    0 Community Answer
    Feb 02, 2018 09:30PM UTC
  • Burp Overlay Menus no longer Working on Fedora 26

    Hi, with Burp version 1.7.31 the overlay menus (like the proxy filter menu) are instantly closing as soon as one clicks on it. It is confirmed working with Burp version 1.7.27. Oracle java version: 1.8.0_162-b12 run command: java -Dawt.useSystemAAFontSettings=on -Dsun.java2d.d3d=false -Dsun.java2d.xrender=false -jar best regards, norman

    8 Agent Answers    9 Community Answers
    Jan 31, 2018 11:09AM UTC
  • Burp Infiltrator and WebGoat JAR

    Hi there, I downloaded the latest WebGoat release here: I tried running Burp Infiltrator in the same folder (eg. /tmp/webgoat/) After trying to run WebGoat JAR file, I get those errors: ```bash java -jar webgoat-server-8.0.0.M9.jar Exception in thread "main" java.lang.IllegalStateException: Failed to get nested archive for entry ...

    1 Agent Answer    0 Community Answer
    Jan 27, 2018 01:40PM UTC
  • Scanner Issue Activity import project

    When importing a project the scanner issue activity remained empty, no issues were imported. However, when opening the same project normally (during start up of Burp), all of the issues populated the scanner issue activity. Thanks, Paul

    2 Agent Answers    1 Community Answer
    Jan 23, 2018 12:05AM UTC
  • Burp import project

    Thanks for the new "Burp import project" feature. Burp requires that you have a disk-based project to be able to import projects after opening Burp. So if you have a temporary project then you cannot import. When you save the temporary project, it then becomes a disk based project, but Burp will not let you import a project. There is a way around this, which is to close Burp, re-op...

    1 Agent Answer    1 Community Answer
    Jan 22, 2018 11:52PM UTC
  • Memory Leak

    Hello, I upgraded Burp today to 1.7.31 on a Kali Linux virtual machine, it runs for about 20 minutes, eats all the RAM, and falls over, even on a very simple site with no scanning (other than passive, and no static code analysis on that). I am going to have to try and downgrade it as I'm in the middle of a job, so not a lot of detail in this post I'm afraid! I've tried seeing if the...

    3 Agent Answers    3 Community Answers
    Jan 22, 2018 01:52PM UTC