Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Bug Reports

Report a bug

  • Intruder payload bug - square symbols between every character

    Every intruder attack include square blocks between every characker of payload. This happened sometimes, but now it's important case so i have to figure out why this happens here is pic:

    2 Agent Answers    2 Community Answers
    Oct 04, 2017 09:43AM UTC
  • Intercept Client Requests rules doesn't affect for Redirect proxy requests

    In the case of Redirect proxy configuration (Proxy-Options-Edit-Request Handling-Redirect host/port) all the requests will be redirected to that host even a few interception rules were applied. I expect that all the interception rules will be applied to the redirected requests to avoid redirection all the requests out-of-scope.

    1 Agent Answer    0 Community Answer
    Sep 29, 2017 07:41PM UTC
  • Session management & redirection & Active scan

    I have a platform which redirects user to /login page via location header when you are trying to access anything which requires authentication. I have session management set up, with session handling rules to look for expression in locations "HTTP headers", "Response body", as well as URL of redirection target with regexp "location: https:\/\/someTestedDomain\.test\/login&...

    2 Agent Answers    2 Community Answers
    Sep 25, 2017 11:18AM UTC
  • Bug in Scanner Issue Activity

    In my current project the greatest ID is 2634. At some point burp decided to continue the counting from around 1000 and I don't know whether it overwrites my existing vulnerabilities. This behavior has been noticed only on the version 1.7.27.

    4 Agent Answers    3 Community Answers
    Sep 11, 2017 07:24PM UTC
  • Scanner stucks when pausing

    Hello, Many times I see that the scanner doesn't send any more requests and the I pause it. However the message "waiting for pause" never disappears and the scanner is only again usable when I close burp and restart it.

    5 Agent Answers    4 Community Answers
    Sep 11, 2017 02:26PM UTC
  • External service interaction (DNS) false positives

    Hello, in the new versions of burp I am getting a huge amount of false positives of this vulnerability. In all last pentests, burp puts the payload in the HTTP request line, my machine tries to resolve this domain and finally all the instances of these DNS requests are coming from my machine. Am I doing something wrong?

    6 Agent Answers    5 Community Answers
    Sep 11, 2017 02:19PM UTC
  • burp crash

    Hello, after upgrading to 1.7.27 version, in Target->Issues tab, when I have expanded a branch of vulnerabilities and then right click on the main title of the vulnerability and choose all of them to become false positives, then burp freezes. I have tried many things to unfreeze it with no luck.

    2 Agent Answers    1 Community Answer
    Sep 07, 2017 11:14AM UTC
  • Shortcut Keys don't work

    Hi, The shortcut keys (e.g. ctrl-C, ctrl-v) don't work in the new releases. Please fix. Thanks, Carl

    1 Agent Answer    0 Community Answer
    Aug 29, 2017 08:23PM UTC
  • Copy-paste bug replication for OSX

    We managed to reproduce an old usability bug! The bug in question is that hotkeys and key combinations don't work properly. Mostly this is visible as copy-paste being broken. Turns out the bug is transferable by some settings that get stored in state files. I, on a mac with the bug occurring, was able to move the bug over to a windows machine where it would be reproduced. This was done by s...

    1 Agent Answer    0 Community Answer
    Aug 24, 2017 09:31AM UTC
  • can't install latest archive : gunzip issue

    Hi, I have the following error when trying to install Burpsuite : --- gzip: sfx_archive.tar.gz: not in gzip format I am sorry, but the installer file seems to be corrupted. If you downloaded that file please try it again. If you transfer that file with ftp please make sure that you are using binary mode. --- Also, I did the following stuff before executing it : --- $ md5sum burp...

    3 Agent Answers    4 Community Answers
    Aug 24, 2017 06:35AM UTC