Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Bug Reports

Report a bug

  • Problem running on 32-bit Debian 8.6

    Hello! After downloading from the website, allowing execution (chmod +x), then running it (even with sudo) I get the following error message: Unpacking JRE ... Starting Installer ... /home/user/ 1: /home/user/ Syntax error: end of file unexpected (expecting ")") Any advice?

    2 Agent Answers    1 Community Answer
    Nov 16, 2016 02:29AM UTC
  • Burp Project looses data

    So this problem can cause loss of data in already saved project? Because is what happened to me unfortunately. Also, you know on which OS this problem can occur?

    2 Agent Answers    1 Community Answer
    Nov 15, 2016 05:21PM UTC
  • Downloading updates via the BURP scanner tool

    To Whom this May Concern, I am attempting to download newer versions of the tool via the update prompt that comes up in the tool. When I click to download the installer it appears to be downloading and gets to 100%. After that the screen stays at 100% without actually downloading the update. I have attempted this via versions 1.7.07 and 1.7.06. Is this an issue? Is there anyone else...

    1 Agent Answer    2 Community Answers
    Nov 15, 2016 03:10PM UTC
  • Burp Project looses data

    I used burp 1.7.10 for a whole day without problems. I created a new project and at the end of the day i just closed burp without any errors or problems. The 2nd day i opened the same project and everything was fine, no errors or anything strange and every request from the previous day was there. I just continued my PT as normal. After 4-5 hours (in the morning everything worked fine and as far as...

    1 Agent Answer    0 Community Answer
    Nov 14, 2016 09:12AM UTC
  • Burp Active Scanner failed to detect certain XSS in JSON requests

    Burp Active Scanner is unable to detect certain kinds of JSON parameter which are vulnerable to XSS Please refer to the below screenshot: During manual penetration testing, the parameter “isNeedCheckSpecialCountryConsents” is vulnerable to XSS as shown in the screenshot. However, Burp Active Scanner is unable to detect this vulnerabi...

    1 Agent Answer    1 Community Answer
    Nov 14, 2016 07:34AM UTC
  • Hard-to-read HTML pages such as Extender and Documentation

    I just noticed that most of the internally-accessible BurpSuite documentation isn't being shown correctly on my installation, as well as the Extender tool is difficult to read since the HTML source code is shown instead. Does anyone else see this behavior? I'm also attaching two screenshots to better explain what i mean. The Extender tool: The internal do...

    1 Agent Answer    4 Community Answers
    Nov 11, 2016 07:23PM UTC
  • XSS False positive

    I have some reflected XSS reported as high+certain when actually there's no vulnerability. There is a specific header (anti Csrf) which is added by some js on page. Since a request from another domain won't be able to add this header it is not possible to have the reflected work. I blelieve Burp should be able to identify this as a non-XSS. Tx for the great tool, Best regards, ...

    1 Agent Answer    1 Community Answer
    Nov 03, 2016 11:27AM UTC
  • negotiate authentication trouble

    i'm used Burp Suite Professional last V i try to login website with negotiate authentication Burp Suite don't accept negotiate authentication how can i fix that ??

    1 Agent Answer    0 Community Answer
    Nov 03, 2016 10:30AM UTC
  • Target of CONNECT Sends Data First, Data not seen by Client; Expected?

    Four scenarios: 1) Client -> Target 2) Client -> Squid -> Target 3) Client -> Burp Proxy (CONNECT) -> Target 4) Client -> Burp -> Squid -> Target * The underlying communications between the client and target in not HTTP; it's some custom protocol * Burp 1.7, Java 6 :sad_face:, Windows 32-bit :sadder_face: Scenarios 1 and 2 work no issue. Scenario 2 plays o...

    1 Agent Answer    1 Community Answer
    Nov 01, 2016 02:41PM UTC
  • Burp Suite 1.7.08 Infected/Backdoored?

    burpsuite_pro_v1.7.08.jar MD5: eb98fc4432cff3e288afd2bd2b6b3661 SHA256: 5b20bc2f1b236af3049a155fa8f122f5d91097041ebf17964bd640aa439ecaaf infected/backdoored?

    1 Agent Answer    0 Community Answer
    Oct 29, 2016 05:10PM UTC