Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Bug Reports

Report a bug

  • Not able to upgrade the Burp Suite from v1.7.07 to 1.7.30

    I have Burp Suite of version v1.7.07 installed on machine now wanted to upgrade it to the latest version 1.7.30 I clicked on 'Update Now' button, downloading is completed till 100% but nothing will happen then. Please suggest.

    1 Agent Answer    1 Community Answer
    Jan 15, 2018 01:06PM UTC
  • Intruder not starting a saved attack

    Hi All I have been running an intruder attack and saving periodically and restarting without issues. However following a necessary save, reboot and resume i have been unable to get intruder to successfully open the saved attack. I am running the latest version and have tried this on multiple machines. Any help or advice greatly appreciated

    1 Agent Answer    0 Community Answer
    Jan 05, 2018 11:35AM UTC
  • Excluded scanner issue still showing up in report

    Using 1.7.30 Minor thing here... I excluded a bunch of individual scan issues and ran a scan. In the final results, I still had "Python code injection" showing up in the results of issue types, even though it was excluded.

    3 Agent Answers    4 Community Answers
    Jan 02, 2018 06:08PM UTC
  • Unable to use Burp with latest version of Firefox

    Hello, No matter what website I try to access, I get the "Invalid client request received" from Burp and then this error. It might be an issue with Firefox because it creates a request with GET HTTP/1.1 instead of only the resource without the host. Is this an issue that other reported or is only on my side? Burp Suite Professional E...

    3 Agent Answers    3 Community Answers
    Dec 20, 2017 03:40PM UTC
  • Burp Intruder Missing Delimiter

    Hi, I have seen an unexpected behaviour in Burp when using Intruder and fuzz points. Within the Intruder you can define fuzz points via the § character, however, you don't have to use two of them. If only one § is used, then everything between § and the end of the request is considered as insertion point. This would be fine and probably a good idea as this would save the lazy consultant t...

    1 Agent Answer    0 Community Answer
    Dec 18, 2017 04:31PM UTC
  • Active Scanning Using Default Collaborator Server Spoofing Instead of Private Collaborator Server

    Under Project Options, I have "Use a private Collaborator server" selected with the name of an external Ubuntu 16.04LTS host that has Burp Collaborator Server running on it. However, when I dig through the results from the Active Scanner, Burp is embedding spoofed addresses for the public Collaborator Server instead of my private Collaborator Server: Cache-Control: no-transform X-...

    1 Agent Answer    0 Community Answer
    Dec 09, 2017 12:04AM UTC
  • Encounter blank screen when installing burpsuite in Kali Linux

    Hi, The installation screen was blank when I try to install in Kali Linux. Please advice. Thank you

    1 Agent Answer    0 Community Answer
    Dec 08, 2017 10:05AM UTC
  • Unable to use higher unicode characters

    I was unable to use higher unicode characters, such as russian letters, in repeter and proxy. I can't even edit POST body with content type application/json; charset=utf-8 Letters get substituted with letters with low unicode code (<65536). I'm using Burp v1.7.29.

    1 Agent Answer    0 Community Answer
    Dec 05, 2017 01:36PM UTC
  • Macro Cookie Handling - Project File

    Hello, When in the macro editor and going to 'Configure Item', you can change the cookie handling behaviour of the macro. I have noticed that when un-ticking 'Add cookies received in responses to the session handling cookie jar' that the change does not get persisted in the project option .json file. I cannot see any new entry in the project options json file and after sa...

    4 Agent Answers    3 Community Answers
    Dec 01, 2017 03:29PM UTC
  • Low: Typo in Advisory - HSTS Misconfig

    Social mistyped - "If there is no HTTP server, an attacker in the same network could simulate a HTTP server and motivate the user to click on a prepared URL by a scoial engineering attack."

    1 Agent Answer    0 Community Answer
    Dec 01, 2017 01:33PM UTC