Getting Started with Burp Suite
Burp Suite Documentation
Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.
Burp Suite Professional and Community editions | Burp Suite Enterprise Edition |
Burp Scanner | Burp Collaborator |
Burp Infiltrator | Full Documentation Contents |
Burp Extender
Burp Extender lets you extend the functionality of Burp Suite in numerous ways.
Extensions can be written in Java, Python or Ruby.
API documentation | Writing your first Burp Suite extension |
Sample extensions | View community discussions about Extensibility |
Feature Requests
Post a feature request
-
HTTP2 support
I would like to test an application running on HTTP2. Do you have any roadmap for supporting HTTP2?
14 Agent Answers 19 Community AnswersMay 04, 2015 12:49AM UTC -
encoder stuff
Url encoding, would be nice if two options exist; one that encodes everything. and one that encodes just the characters that are necessary. I keep seeing apps that are microsoft stacks that seem to dislike characters that are encoded when they dont need to be. I dont think the RFC cares, but apps do :D Within the params tab of a request, it would be nice to have the option for each param to se...
1 Agent Answer 0 Community AnswerApr 28, 2015 05:34AM UTC -
Hide viewstate
I would like to have a native function to hide huge viewstates from ASP.NET web applications. Or even better, if it could be possible to toggle the visibility for any variable
1 Agent Answer 0 Community AnswerApr 24, 2015 09:55AM UTC -
API to update Requests as presented in UI in Proxy, Repeater, etc.
Hi, I have written some custom extensions using both the java API and jython. Typically, it is for things like setting custom headers. While they work (they do send the custom headers) it's hard to see exactly what was sent since the UI doesn't update after the message is set. The work around I'm using to get passed this is to chain 2 instances of burp together, with the custo...
1 Agent Answer 0 Community AnswerApr 21, 2015 09:06PM UTC -
Audible Alerts
Would like to add this feature - where is a error - say network issue that has made the scan to stop - in that case, we would like to have a audible alert. This would help the user to focus his attention on other tasks while ensuring the scan is running properly.
1 Community AnswerApr 20, 2015 05:00AM UTC -
XML formatting
Would it be possible for Burp Suite to properly format XML requests in the 'Params' tab? Cheers.
1 Agent Answer 0 Community AnswerApr 17, 2015 02:27PM UTC -
In proxy history, view both request and response in the same tab
I would be nice to have the possibility in the proxy history to view both request and response. This would be very helpful to view the flow of the application, having the possibility to view the history lower tab perhaps like the repeater, request and response side by side.
3 Agent Answers 30 Community AnswersApr 10, 2015 01:31PM UTC -
Open multiple links in a browser
Target > Site map > expand tree. 1. Select a grey link that has not been visited. Right click. Instead of Copy URL, add option to Open URL. 2. Select multiple links that have not been visited. Right click. Instead of Copy selected URLs, add option to Open selected URLs.
1 Community AnswerApr 09, 2015 10:38PM UTC -
Additional Proxy History Search Filters
It would be really helpful to be able to specify proxy history searches to be limited to either requests or responses.
1 Agent Answer 2 Community AnswersApr 09, 2015 08:16PM UTC -
In scanner, Setting a configration of redirection
I would like to set up redirection in scanner in the same way as intruder/repeater. Scanner can only set up valid/invalid. (It is the check box "Follow redirections where necessary")
1 Agent Answer 0 Community AnswerApr 04, 2015 03:24PM UTC