Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Bug Reports

Report a bug

  • Firefox Developer Tools shows 200 instead of 302 when using Burp as a proxy

    Not sure why but for some 302 response if I'm using Burp as a proxy on Firefox from Burp Proxy History or Interception I can see the 302 but on Firefox Developer Tools shows me 200. Removing Burp as a proxy from Firefox I can see the same response as 302 on Firefox Developer Tools as supposed to be. On Chrome also using Burp as a proxy the same response I can see as a 302 on Burp and Chrome...

    2 Agent Answers    1 Community Answer
    Feb 16, 2017 05:47PM UTC
  • Bug in Search Windows using openJDK

    Hello dear portswigger team, I have an issue using the Engagement Tools -> Search options. Some times after entering the search word a suggestion window will be created as separate jwindow objects (grey box and white box with digit 1 on the screenshot) and will not be killed after the search windows is closed. That means that these additional windows are still open and running after closing ...

    3 Agent Answers    2 Community Answers
    Feb 16, 2017 12:18AM UTC
  • Burp cant handle same-name cookies set to different paths

    Just chiming in to add another vote for fixing cookie jar handling for cookies with the same name but differing paths. In my case, two different sessionId cookies at root (/) and one at a subdirectory (/service/). Both are necessary for the call. Repeater seems to be adding the first one it encounters in the cookie jar.

    2 Agent Answers    1 Community Answer
    Feb 03, 2017 04:18AM UTC
  • 1.7.17

    This bug just started this morning with 1.7.17..... Temporary project -> load from configuration file-> Start Burp Loads 2 tabs for every extension.

    2 Agent Answers    3 Community Answers
    Feb 02, 2017 04:04PM UTC
  • V1.7.17 and v1.7.16 Issues in Target Tab

    When you run active scan and look at the scan queue, 2 issues found and I come back to the target tab and click on the target and don't see any issues listed in the issues box. In the previous versions this wasn't a problem. A bug probably? Thanks! Iswarya

    1 Agent Answer    0 Community Answer
    Feb 01, 2017 08:09PM UTC
  • Restoring a saved state

    Hey, I was trying to restore a saved state and I keep recieving the same message. The state was stored in 1.7.14 and restored in 1.7.16 burp.f6c at burp.g1g.a(Unknown Source) at burp.g1g.a(Unknown Source) at burp.une.a(Unknown Source) at burp.l4f.g(Unknown Source) at burp.uxc.a(Unknown Source) at burp.a3b.a(Unknown Source) at burp.a3b.a(Unknown Source) at burp.z2b.a(Unknown...

    1 Agent Answer    0 Community Answer
    Feb 01, 2017 04:21AM UTC
  • Scanner errors, but logs show no errors

    Running Burp Pro 1.7.16. I'm attempting to do an active scan against selected values in a PUT request. Here is an example of the data. {"notes":"Test","userN":"pentest"} I've marked "Test" and "pentest" in Intruder ({"notes":"§Test§","userN":"§pentest§"}) and sent it to Active scan....

    1 Agent Answer    0 Community Answer
    Jan 31, 2017 11:12PM UTC
  • ca certificate

    I am attempting to install the CA Cert for Firefox via the link found here: Which is: http://burp/ This redirects me to a text site not related to burp. Where do I find the certificate, and more importantly, can that link be fixed?

    1 Agent Answer    1 Community Answer
    Jan 31, 2017 04:41PM UTC
  • Burp Proxy fails to load the page if browsed to a website with specific port # mentioned

    I tried to connect to a web server with specific port number (ex., Burp proxy failed to load and says "unable to connect". Where with same proxy configuration able to connect to same & other servers. pls help.

    2 Agent Answers    1 Community Answer
    Jan 31, 2017 10:46AM UTC
  • 'SSL Pass Through' traffic is incorrectly forwarded through an upstream proxy

    When the SSL Pass Through function is used in combination with an upstream proxy server proxy, the proxy is used incorrectly, causing the proxy to deny TLS connections that are passed through. Expected behaviour would be that Burp performs a CONNECT request to the proxy server, providing it with the target host; after receiving a 200 response, it can proceed forwarding the TLS messages to the p...

    6 Agent Answers    6 Community Answers
    Jan 30, 2017 12:09PM UTC