Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Bug Reports

Report a bug

  • security testing

    Hi Team, Can you please tell me how to test URL for finding issues like iframe , cross scripting, SSL, cookie vulnerability, HTTPonly & secure. Thanks

    1 Agent Answer    0 Community Answer
    May 29, 2017 10:33AM UTC
  • BUG

    CO2 DOWNLAD AND EROR BrupSuite

    1 Agent Answer    0 Community Answer
    May 29, 2017 09:19AM UTC
  • IP adddress regexp

    Dear team, I noticed in burp 1.7.22 that "Private IP addresses disclosed" is failing to parse an IP address with this format: xxx.xx.xxx.xx. All remains IP address are being parsed. Kind Regards, Daniel

    1 Agent Answer    0 Community Answer
    May 24, 2017 12:49PM UTC
  • Performance dropped in latest version of BurpSuite? (MacOS)

    Hi! Since the latest version of BurpSuite (1.7.22) I noticed quite some drop in performance on MacOS. I mainly use FireFox (also latest version) to browse. I often see that pages are loaded really slow (or don't load at all), until I "activate" Burp again. With "Activate" I mean that I need to click on the Burp icon in the Dock. It feels like Burp pauses until I make th...

    5 Agent Answers    7 Community Answers
    May 13, 2017 06:08AM UTC
  • external service interaction DNS

    Hi, I am using Burp 1.7.15. I scanned my system in Jan and got scan report. I scanned my system again in March, and got new issues "external service interaction DNS" in the report. I did not upgrade Burp version. Does Burp update the "issue definition table" at the background regularly? Is there anyway we can tell the "issue definition table" updated? An...

    2 Agent Answers    2 Community Answers
    May 12, 2017 11:47AM UTC
  • We can't use multi-byte characters in sitemap comment to save as XML

    When saving sitemap, we can't use multi-byte Japanese characters as comment. (Its generate invalid encoded XML.) [View] Target > Site map [Steps] 1. Set following words as sitemap comment. 管理画面 2. left-click on the tree-view and select 'save selected items'. 3. save to XML (e.g. sitemap.xml) 4. check saved XML like this... # grep --color=never '<commen...

    1 Agent Answer    0 Community Answer
    May 11, 2017 10:21AM UTC
  • Upstream proxy configuration only passes URI and not domain/host

    Hi, I have spent some time trying to configure an upstream squid proxy server in order to have a known source IP address for testing engagements, without relying on a VPN (unfortunately in my specific circumstances a VPN is not usable). I keep banging my head against a wall which is essentially created by the way Burp forwards requests to upstream proxy servers for connections to some TLS...

    2 Agent Answers    1 Community Answer
    May 09, 2017 02:00PM UTC
  • Burp Suite javax.net.ssl.SSLException: Tag mismatch!

    I have Burp Suite Professional v1.7.22 running on macOS Sierra 10.12.4 with Java: 1.8.0_131-b11 And I'm getting an error trying to establish SSL connections: In the alerts tab: Proxy - javax.net.ssl.SSLException: Tag mismatch! Proxy - Tag mismatch! Anybody ever experienced this before? I've freshly reinstalled java but with no effect

    1 Agent Answer    2 Community Answers
    May 08, 2017 03:57PM UTC
  • Spider Queues Do Not Clear

    Hello, I'm using Burp 1.7.21 and when I attempt to clear the Spider queue it is not cleared. This is an issue I've had many times with larger sites over many versions of Burp. Video of behavior: http://tinypic.com/r/ruodgo/9 Thanks.

    1 Agent Answer    0 Community Answer
    May 01, 2017 08:15PM UTC
  • Burp Mobile Assistant - empty Source repo on Cydia

    Hi Burp team, I am very grateful for the new Mobile Assistant feature. I downloaded it today (with Free Edition v1.7.21). I can get my jailbroken, ios 9.3.3 device to add my Cydia source: http://localhost:8080 but the package is always empty, after successfully adding the source. I am updated on Cydia Substrate (version 0.9.6301). Any ideas?

    1 Community Answer
    May 01, 2017 01:55PM UTC