Feature Requests

Post a feature request

  • Sort entries in the site map by domain components before hostname

    While HTTP and HTTPS servers on the same hostname are sorted together (indicating a degree of custom sorting already), it would really make sense to sort all of the servers in a particular domain together as well. Currently, entries are sorted similar to: www.host1.com www.net2.com www1.host1.com while it would really make more sense to *sort* them in "reverse domain order" ...

    1 Community Answer
    May 21, 2019 01:59PM UTC
  • HTTP request charset support.

    Hey Guys, I have 2 questions regarding charset support in the Content-Type header of a request. This relates to Burp community edition version v1.7.36 1. When charset is set to UTF-16 BE BOM, Burp seems to properly detect it only if the content-type is application/json. It fails to do so if it's text/html, text/plain. Any idea why? 2. Is there a list of all the charsets supported by Bu...

    1 Agent Answer    2 Community Answers
    May 19, 2019 07:04PM UTC
  • Burpsuite desktop license transfer

    Hi Team, I am from Mindtree and we have recently purchased two burpsuit desktop licenses. details provided below. Now one of the license should be transferred to out of Mindtree user. As per license terms can we transfer. Kindly suggest. PO NO : 4800007725 Regards, Dinakaran

    1 Agent Answer    0 Community Answer
    May 17, 2019 05:48AM UTC
  • Additional Column request in the Proxy Listeners

    Hi Team, During my security testing using Burp suite, I felt this feature would be very helpful hence requesting your help in adding this in the upcoming versions. Requested feature is as follows: Under proxy listeners, we have the feature to set the port address and proxy listeners. As I use multiple browsers during my testing there is no way to identify which port belongs to which brow...

    1 Agent Answer    1 Community Answer
    May 16, 2019 06:09AM UTC
  • Add scheduled scan through api and auto creating jira tasks

    Hello. Please, add this features. 1) Add creation of a scheduled scan through api 2) Auto creating jira tasks based on the level of criticality and the choice of the jira project, depending on the url or name scan. also do for api

    1 Agent Answer    2 Community Answers
    May 14, 2019 02:44PM UTC
  • Burp enterprise update error

    Burp Suite Enterprise Edition v1.0.14beta can not download update files throught proxy (downloading stops after ~5 minutes). We have already check our proxy, all works fine. Also i can not install update via .zip file.

    1 Agent Answer    0 Community Answer
    Apr 23, 2019 02:39PM UTC
  • Black-on-black highlighting to redact passwords and such for screenshots

    Sounds like a silly feature, but I have to redact passwords and other stuff in screenshots all the time. It would be hella cool if Burp had a redaction option so I don't have to fire-up a photo editor. It would save HOURS every week in my workflow.

    1 Agent Answer    0 Community Answer
    Apr 22, 2019 10:05PM UTC
  • Web Security Academy - Show Unfinished

    Good Afternoon, It would be very nice to have a way to filter out all of the completed sections and only see what's left to be done. I completed 100% of the labs and content shortly after it was released. A short time later, additional XSS labs were released. Coming back and digging around to find them could certainly be a more streamlined process. Thank you for the content, i...

    1 Agent Answer    0 Community Answer
    Apr 21, 2019 07:29PM UTC
  • Analyze Target - JSON Parameters

    I would like the ability to review JSON parameters within the Analyze Target feature. This would be highly beneficial when testing API's.

    1 Agent Answer    0 Community Answer
    Apr 18, 2019 02:57PM UTC
  • BurpSuite logging formats and destinations for external consumption

    When saving items from proxy history they are saved in XML, please add an option for JSON. Please add options for XML or JSON when configuring logging in "Project options" -> "Misc" -> "Logging". More specifically I'm consuming these logs in Splunk, an option for a Splunk HTTP Event Collector (HEC) enpoint (just consumes JSON) would be pretty awesome to be ...

    1 Agent Answer    1 Community Answer
    Mar 25, 2019 08:27PM UTC