Burp Suite User Forum
As a learner we have to spend a lot of time spending time reading on Web Security Academy. Therefore, it would be very convenient if we had an option of dark mode too.
There are extensions that have some support for variables, but they seem like overkill for handling only variables. I can also achieve some of this with Session Handling Rules in Proxy Options, but it is not as easy when...
I need to inform that Burpsuite was not able to find the Momentjs vulnerability related to CVE-2022-31129 and CVE-2022-24785 in scans. Let me know if the said signatures are added in the burpsuite (in which versions). Need...
Love the new split view on the proxy history with the request/response! The drop down to flip between the original and edited though is a pain. Going back through the proxy history for reporting and flipping between these...
It would be great to be able to re-run specific scanner checks to check to see if a finding was indeed fixed or not. I realize that most Scanner finding can simply be sent to the repeater and done that way, however, at...
I'd like to be able to set Burp's default behavior to always show the "Auto-modified" request and response in the HTTP history tab. Thank you.
Hello, Are there any plans to make the Request lengths visible in Proxy history? When looking at a series of requests to the same endpoint, you can currently see the Response lengths listed under "Length", but...
Hi, In Proxy -> HTTP (WebSocket) history tab I can change the order of columns so the columns I want to see goes first (e.g. URL, request time, ...) and others goes after. However this order isn't preserved between Burp...
A typical usage pattern for me in application testing is that I will write python scripts to automate various attacks against endpoints &c. What I want to do is add a header each request of the form "Script-Name:...
Is it possible to open a .burp file, in the Community Edition, that was created via Burp Suite Pro?
Hi Team, I would like to recommend adding a feature to the APIs as well as to BurpSuite. For example, if I have selected a specific value in the request/response editor and I want to decode it, I have to open the menu...
Dear Burp Suite Team, I'm interested in developing a Burp extension focused on analyzing elements within the DOM as they load. Currently, I've observed there isn't a built-in functionality within Burp Suite for directly...
Minified HTML responses are extremely difficult to compare. When trying to compare two 100k byte responses that are in a single line, I either have to use a different tool or give up entirely. My request is, when a...
Hi Team, Could you please reset my academy learning materials as well as my Labs? Thank You.
Hello, First off this is a truly awesome product, keep up the great work! I was wondering if there was a way to save the preferences of column order view in the HTTP history tab under Proxy. I often like to drag the...
I am unable to find a way in the UI to change the severity ratings. It would be beneficial to have a way to adjust a rating depending on the validation of a finding manually.
We would like to add tags to the sites we're scanning with Burp Suite Enterprise, something that helps us integrate with BI and Vulnerability Management solutions to relate a site to different lines of business, clients,...
Hello, I've been in discussion with support via email already but wanted to post this here. We have a situation where burp is identifying the application we are scanning uses Http/2 when in actuality, it doesn't and it...
For the moment only one Platform authentication entry is allowed per destination host. If the user tries to set up a second entry that has the same destination host, Burp will not allow it. However, it is useful during...
Wish extensions API can do those thing: 1. encoding function for inspector 2. highlight text in Message Editor by passing multi ranges 3. get error message if HTTP request error (timeout or other error) 4. Intruder...
Page 1 of 63
Your source for help and advice on all things Burp-related.