Feature Requests

Post a feature request

  • Intercept Queue

    Would it be possible to add a "Queue" to the Intercept tab. This would show the requests/responses queued to be intercepted and they would be removed from the queue after they are intercepted. On occasions where there are multiple requests waiting to be "Intercepted", it would be nice to be able to highlight, for example, the next five requests and allow them to pass without...

    1 Agent Answer    0 Community Answer
    Jul 15, 2015 01:22PM UTC
  • Rendering JSON in pretty form in response body

    Hi, Please consider rendering application/json content in response.body in a pretty form. Today, I am forced to copy+paste the content into another tool to view it in pretty form. Thx Chaks

    1 Agent Answer    0 Community Answer
    Jul 13, 2015 03:30AM UTC
  • Add test for HTTP Strict Transport Security (HSTS) and update the Cacheable HTTPS Response test

    In the most recent version 1.6.21 - I see that under the Scanner tab you have added the "Issue" Listing - Thank you for that !!! However, I do not see any test for the absence of the HTTP Strict Transport Security (HSTS) Header element in that list. Please consider the addition of a test for that issue in a future release. Also in the test for Cacheable HTTPS Response (0x00700100) - i...

    2 Agent Answers    2 Community Answers
    Jul 09, 2015 06:17PM UTC
  • Add "Search Bapp Store" Box

    The Burp App Store is growing and there are many new additions from last year even. How about a search box that scans the names and description files to filter down the list. So, CSRF will display plug-ins that contain that keyword.

    1 Agent Answer    1 Community Answer
    Jul 08, 2015 12:34AM UTC
  • Add "Close All Tabs" button to the Repeaster

    In the repeater tab, I would like a “close all tabs” button. In the Mac-look-and-feel-GUI; if you click the X, the tabs auto-adjust slightly to re-center. Thus, you click X and move the mouse. Repeat 52 times (yes, I had 52 open, I am silly sometimes.

    1 Agent Answer    0 Community Answer
    Jul 08, 2015 12:33AM UTC
  • Hide from view based on MIME type

    Hi, recently I came across a web server where certain categories of files (images, css) were having a filename of the format "_x-y" with no extension, where x and y is a alphanumeric value of a varying length of characters, eg _0a1b2c4d5e-f6g7h8i9j In the MIME column of Proxy | HTTP history the type of the file is identified correctly as eg JPEG, GIF, CSS... Is there any way I can ...

    1 Community Answer
    Jul 05, 2015 08:56AM UTC
  • Source IP addresses in Proxy/HTTP History

    It would be great if an additional column for the source IP address would exist, so we could see which client makes the selected request.

    3 Agent Answers    8 Community Answers
    Jun 24, 2015 07:24AM UTC
  • HTTP History - Filter on Edited Requests

    Could you add a filter to the HTTP History tab allowing selection of only edited requests/responses? Also would it be possible to make the comment column in the HTTP History table editable so that you don't have to use the context menu? Or perhaps add a comment field directly to the Request/Response window you get when you've double clicked an entry in the HTTP History table.

    2 Agent Answers    2 Community Answers
    Jun 23, 2015 05:58PM UTC
  • Burp Porxy Features- Replay Request

    Hi I would like to propose the following features in Burp. 1) Burp loads default profile:- Burp should allow users to specify the default template location. 2) Requests Replay :- We would like feed the requests & Response to other tools such as Appscan/webinspect. Fiddler has feature to repeat several requests at a time and auto-response feature. In burp we can only use repeater a...

    0 Community Answer
    Jun 20, 2015 07:46AM UTC
  • ASP.NET ValidateRequest bypass + tuning

    According to my experience Burp Suite doesn't check for this type of ValidateRequest filter bypass: http://www.jardinesoftware.net/2011/07/17/bypassing-validaterequest/ Would it be possible to add this to the Persistens XSS checks? (Sorry if I missed something) On a related note: Since ValidateRequest throws an exception when encountering typical XSS patterns many apps terminate the ...

    1 Agent Answer    0 Community Answer
    Jun 16, 2015 07:19AM UTC