Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Feature Requests

Post a feature request

  • Intercept non HTTP protocols

    An ability to intercept non-HTTP protocols (perhaps an API feature to let users code extensions for relevant protocols). A situation arrived at work involving SIP. Getting the traffic to pass through Burp was easy, but without an ability to intercept INVITE (and so forth) it lead to creating custom tools instead.

    1 Agent Answer    6 Community Answers
    Jan 27, 2015 10:07AM UTC
  • Ability to view the delay of a response in a column (Intruder)

    May be very useful while testing for time based injection (sql, command, aso) to see the delay of a response returned by the remote webserver.

    2 Agent Answers    2 Community Answers
    Jan 26, 2015 01:20PM UTC
  • Ability to edit several rows on parameters viewing tab during editing of intercepted message

    Ability to edit several rows (i.e. values/names of several POST parameters) on parameters viewing tab during editing of intercepted message (Proxy module) would helped a lot.

    1 Agent Answer    0 Community Answer
    Jan 25, 2015 10:31AM UTC
  • State Management - Display the current State

    During an engagement I will work with and save multiple states. Once I load or save a state I would like Burp to display the current state loaded. I tt would make it easier to manage all the various files. It would also be nice to display the state names when comparing site maps. Thanks, John

    3 Agent Answers    2 Community Answers
    Jan 20, 2015 06:05PM UTC
  • Brute Force

    It would be nice if the burp pro spider had an option to "brute force" files and check for the most common 100 or so files in each directory. Will

    1 Agent Answer    0 Community Answer
    Nov 28, 2014 11:15AM UTC
  • NoSQL

    Does Burpsuite or any of its add ons support checks for NoSQL databases?

    2 Agent Answers    1 Community Answer
    Nov 28, 2014 11:04AM UTC
  • ShellShock

    Hi Support, I’m just curious if you’re going to release anything for ShellShock (recent bash vulnerability) detection. Please let me know about your plans. Thanks, David

    1 Agent Answer    0 Community Answer
    Nov 27, 2014 10:54AM UTC