Feature Requests

Post a feature request

  • Match and Replace

    Hi, I think that a useful feature in tab Proxy --> Options --> Match and Replace can be the possibility to Duplicate a role. Thanks, Lorenzo

    1 Agent Answer    0 Community Answer
    Nov 13, 2019 09:51AM UTC
  • Need to extend logging mechanism in burp.

    Hello, If someone wants to save logs of all requests for external use the only known for me method is to use Project options -> Misc -> Loggiing. It's because there is no any library (as far as I know) for parsing standard burp session file or any documenation about format to write such library by my self. And log from Project options -> Misc -> Logging do not contain basi...

    1 Agent Answer    0 Community Answer
    Nov 08, 2019 08:34AM UTC
  • Refine Collaborator Everywhere headers

    Hi I ran into an assessment where the application used the "Referer:" header for portions of how the application worked. This became more noticeable when using the applications "Back" button feature. In order to use Burp for this assessment I had to disable "Collaborator Everywhere" extension. I think this extension is awesome and has helped me find many vulnerabi...

    2 Agent Answers    2 Community Answers
    Oct 29, 2019 05:21PM UTC
  • the ability to reset a lab

    after mucking about with: https://portswigger.net/web-security/cross-site-scripting/exploiting/lab-stealing-cookies i ended up messing the pages with csrf reuests\blocking the comment form. even though i can send manually a comment post request with a XSS script to fix this on the victims session (in order to complete the lab), i think you need to have the ability to reset the lab in order...

    1 Agent Answer    0 Community Answer
    Oct 24, 2019 07:26PM UTC
  • Connection tracking on low level request

    Hello, I would like to have a feature to track all connection requested on the proxy (at low level). Currently via Burp it's not possible to have a list of request executed via BURP but not handled correctly. For example if burp receive a "CONNECT www.pippo.com:7767 HTTP/1.0" and www.pippo.com response with a reset (example TCP RST) you will not be able to see this connection ...

    3 Agent Answers    2 Community Answers
    Oct 21, 2019 03:03PM UTC
  • Burb Target Tab Grouping

    Add an option to group targets by parent domain, like: a.test1.com b.test1.com c.test1.com a.test2.com b.test2.com c.test2.com Currently, they are only sorted by the full domain: a.test1.com a.test2.com b.test1.com etc. For chatty applications, this would help organize the endpoints they interact with, especially mobile apps that talk to 10+ different domains including several subd...

    1 Agent Answer    0 Community Answer
    Oct 16, 2019 07:43PM UTC
  • Automatically Scan

    Hi everyone, I'd like to do an authenticated scan of a site. The problem is that authentication takes place on a domain other than my scope. How can I perform the authenticated scan of my scope ? Thank you very much

    1 Agent Answer    0 Community Answer
    Oct 15, 2019 09:38AM UTC
  • Live passive crawl misses some information about HTML forms

    Hello, the "Form submission" feature of passive crawling misses two features when adding to the site map: - it doesn't log the parameter names and values defined in HTML forms - it doesn't set the HTTP method (i.e. use GET everytime), even if explicitly defined in HTML forms * How to reproduce Go to "Menu bar > Burp > Configuration library > New > Li...

    1 Agent Answer    1 Community Answer
    Oct 15, 2019 09:29AM UTC
  • Add dark mode to burp suite community editon

    For windows 10 make so it adapts to system settings

    1 Agent Answer    0 Community Answer
    Oct 11, 2019 01:50AM UTC
  • Scanner / Scan configuration / View (or edit) built-in configuration from library

    The built-in scanner configuration available in the library look nice but I would like to view the exact settings they contain, before deciding to use them or create my own. Maybe you could re-use the UI to create new scan configurations and apply it to view the settings in read-only (greyed).

    1 Agent Answer    1 Community Answer
    Sep 27, 2019 04:28PM UTC