Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Feature Requests

Post a feature request

  • BurpSuite Professional Activation Limit

    I am trying to install BurpSuite Licensed version from 1 system to another, after uninstalling it on the previous one. But I am getting a maximum activation limit error when I am trying to activate the same on the 2nd system. Can you please look into the same.

    1 Agent Answer    0 Community Answer
    Jul 24, 2017 11:50AM UTC
  • More hotkeys

    Hello! I use hotkeys a lot, but some trainees use them even more, either by choice (nerds) or not (disabled people). Everybody love Control + "=" (on by default, navigate between Intruder tabs) and Control + "G" (off by default, issue Repeater request), but I hear these requests quite often: - navigate between high-level tabs (Target, Proxy, Spider, Scanner, Intruder, .....

    1 Agent Answer    0 Community Answer
    Jul 22, 2017 10:27AM UTC
  • Stricter validation on Intruder payload "Dates"

    When configuring "Dates" payloads in Intruder, non-digits characters like whitespace produce surprising behaviors that are hard to debug (no visual feedbacks outside of the "Request count"). For exemple, from 20 July 2017 to 30 July 2017 with a 1-day step and the default format: - no whitespace: count = 11 - whitespace after day "20" in "From": count = ...

    1 Agent Answer    0 Community Answer
    Jul 20, 2017 05:38PM UTC
  • Multi-request payloads in intruder

    It would be neat to have multi request payloads in intruder. It could work somewhat like the current burp macros, where you can set up a sequence of requests to send, but the intruder would change some parameters. This is useful in cases where one request is sent to store a parameter and another can be used to trigger the processing of it.

    1 Agent Answer    0 Community Answer
    Jul 20, 2017 01:27PM UTC
  • Make CTRL-G a shortcut for the "GO" command in repeater

    Please add CTRL-G as a shortcut for the "GO" command in repeater to allow quick resending of a payload.

    1 Agent Answer    1 Community Answer
    Jul 20, 2017 01:24PM UTC
  • Allow Match and Replace to change destination hostname

    Please allow the Match and Replace function to change the destination address as well. It would make it easier to test certain scenarios where requests have to be rediredted to different hosts.

    2 Agent Answers    1 Community Answer
    Jul 20, 2017 01:23PM UTC
  • Burp Suite Enquiry about settings

    In proxy options, there is bind address option in which there is specific address option. In free edition, I cannot give a specific address manually, there is a list of addresses, we cannot give any specific address. So I wanted to know that is this functionality supported in burp Suite professional edition?

    1 Agent Answer    0 Community Answer
    Jul 20, 2017 06:33AM UTC
  • match and replace for the websocket

    Possible to add a match and replace for the websockets? Someone made a plugin for it in the past, but isnt working anymore.

    1 Agent Answer    0 Community Answer
    Jul 19, 2017 02:16PM UTC
  • Add a "Response Received" column in Proxy History

    As discussed ~ 1 year ago: https://support.portswigger.net/customer/portal/questions/16241817-add-a-response-received-column-in-proxy-history

    0 Community Answer
    Jul 18, 2017 10:53PM UTC
  • Add "Extension provided checks" to "Active / Passive Scanning Areas"

    Currently, active and passive checks initiated by extensions are run for every scan (i.e. even if no "Scanning Areas" are selected). Having new Scanning Areas (one for passive, one for active) dedicated to extension-provided checks would be nice. I consider that disabling every checks but one (like "External interactions" for Infiltrator-based testing) and having extensio...

    1 Agent Answer    0 Community Answer
    Jul 18, 2017 08:56PM UTC