Feature Requests

Post a feature request

  • BurpSuite logging formats and destinations for external consumption

    When saving items from proxy history they are saved in XML, please add an option for JSON. Please add options for XML or JSON when configuring logging in "Project options" -> "Misc" -> "Logging". More specifically I'm consuming these logs in Splunk, an option for a Splunk HTTP Event Collector (HEC) enpoint (just consumes JSON) would be pretty awesome to be ...

    2 Agent Answers    2 Community Answers
    Mar 25, 2019 08:27PM UTC
  • Scan selected items in BURP 2.0.18Beta

    To scan "selected items", i.e. HTTP calls I already went through in a browser and/or SoapUI with using BURP as a Proxy, I have to navigate to the Target tab, right-click the target, select Scan, choose "scan selected items". This comes in a stark contrast with the Dashboard tab's "New scan" and "New live task" button which appear readily available. ...

    2 Agent Answers    1 Community Answer
    Mar 20, 2019 01:44PM UTC
  • SSL certificate finding

    BURP 2.0.18Beta issued a finding about our site's SSL certificate. I believe it found a seeming inconsistency between the "alt" DNS names allowed by the certificate and the host name. But the site presents a different, proper certificate when sending the "Server Name Indication" (SNI) in opening the SSL connection. BURP should send SNI to get the proper SSL certificate ...

    4 Agent Answers    4 Community Answers
    Mar 20, 2019 12:29PM UTC
  • API to allow for distinguishing traffic requested by Macros

    Could the API be adjusted to allow extenders to have the information, if request is coming from Macros? https://github.com/nccgroup/BurpSuiteLoggerPlusPlus/issues/69

    1 Agent Answer    0 Community Answer
    Mar 15, 2019 10:56AM UTC
  • SSO and LDAP integration for Burp Enterprise

    After setting up the initial infrastructure and promoting the solution among projects, the team size quickly started to grow and it already became painful to manually manage the user accounts. It would be very beneficial for us to just integrate Burp Enterprise with our existing LDAP and ideally also SAML based SSO to seamlessly integrate in our ecosystem.

    2 Agent Answers    1 Community Answer
    Mar 15, 2019 09:22AM UTC
  • Active Scan: Possibility to choose which extension(s) to use for scan

    Hey, in Burp Beta we now have the possibility to start an active scan using "extensions only". Most of us have more than one extensions enabled, so starting "extension only" scan will result in a lot of requests which are useless but integrated in an extension. I know one can just disable the extensions he does not need, but this is really tedious, especially on targets wit...

    1 Agent Answer    0 Community Answer
    Mar 12, 2019 12:56PM UTC
  • Report functionality for Enterprise edition

    Hi, It is possible or planned for the Enterprise edition a "Generate Report" functionality, like the one that is available on the Professional edition? or even a better one? it would be great if we can generate pdf reports of the performed scans, as many other tools can. Thanks in advance

    3 Agent Answers    1 Community Answer
    Mar 08, 2019 06:25PM UTC
  • Remember column layout in HTTP history

    Hello, I usually move the "Time" column to the left in the Proxy - HTTP history. But burp doesn't remember this. Neither in the stored project, nor in the project options or in the user options. I have to re-arrange this every time I restart burp. Can you please give me an option to store my preferences in this regard, so that I don't have to re-do this configuration eve...

    1 Agent Answer    1 Community Answer
    Mar 07, 2019 01:16AM UTC
  • OAuth authentication

    At the moment, burp enterprise does not support Authenticated scanning with OAUTH and SSO. Going forward it is good to have a login sequence recorder to overcome such issues

    5 Agent Answers    4 Community Answers
    Mar 06, 2019 11:08PM UTC
  • Add a functionality to stop the Scan in the Enterprise Edition

    Team, You should consider adding a functionality to stop the Scan in the Enterprise Edition.

    2 Agent Answers    1 Community Answer
    Mar 06, 2019 11:06PM UTC