Feature Requests

Post a feature request

  • Web Security Academy - Show Unfinished

    Good Afternoon, It would be very nice to have a way to filter out all of the completed sections and only see what's left to be done. I completed 100% of the labs and content shortly after it was released. A short time later, additional XSS labs were released. Coming back and digging around to find them could certainly be a more streamlined process. Thank you for the content, i...

    1 Agent Answer    1 Community Answer
    Apr 21, 2019 07:29PM UTC
  • Analyze Target - JSON Parameters

    I would like the ability to review JSON parameters within the Analyze Target feature. This would be highly beneficial when testing API's.

    1 Agent Answer    0 Community Answer
    Apr 18, 2019 02:57PM UTC
  • BurpSuite logging formats and destinations for external consumption

    When saving items from proxy history they are saved in XML, please add an option for JSON. Please add options for XML or JSON when configuring logging in "Project options" -> "Misc" -> "Logging". More specifically I'm consuming these logs in Splunk, an option for a Splunk HTTP Event Collector (HEC) enpoint (just consumes JSON) would be pretty awesome to be ...

    2 Agent Answers    2 Community Answers
    Mar 25, 2019 08:27PM UTC
  • Scan selected items in BURP 2.0.18Beta

    To scan "selected items", i.e. HTTP calls I already went through in a browser and/or SoapUI with using BURP as a Proxy, I have to navigate to the Target tab, right-click the target, select Scan, choose "scan selected items". This comes in a stark contrast with the Dashboard tab's "New scan" and "New live task" button which appear readily available. ...

    2 Agent Answers    1 Community Answer
    Mar 20, 2019 01:44PM UTC
  • SSL certificate finding

    BURP 2.0.18Beta issued a finding about our site's SSL certificate. I believe it found a seeming inconsistency between the "alt" DNS names allowed by the certificate and the host name. But the site presents a different, proper certificate when sending the "Server Name Indication" (SNI) in opening the SSL connection. BURP should send SNI to get the proper SSL certificate ...

    4 Agent Answers    4 Community Answers
    Mar 20, 2019 12:29PM UTC
  • API to allow for distinguishing traffic requested by Macros

    Could the API be adjusted to allow extenders to have the information, if request is coming from Macros? https://github.com/nccgroup/BurpSuiteLoggerPlusPlus/issues/69

    1 Agent Answer    0 Community Answer
    Mar 15, 2019 10:56AM UTC
  • SSO and LDAP integration for Burp Enterprise

    After setting up the initial infrastructure and promoting the solution among projects, the team size quickly started to grow and it already became painful to manually manage the user accounts. It would be very beneficial for us to just integrate Burp Enterprise with our existing LDAP and ideally also SAML based SSO to seamlessly integrate in our ecosystem.

    3 Agent Answers    3 Community Answers
    Mar 15, 2019 09:22AM UTC
  • Active Scan: Possibility to choose which extension(s) to use for scan

    Hey, in Burp Beta we now have the possibility to start an active scan using "extensions only". Most of us have more than one extensions enabled, so starting "extension only" scan will result in a lot of requests which are useless but integrated in an extension. I know one can just disable the extensions he does not need, but this is really tedious, especially on targets wit...

    1 Agent Answer    0 Community Answer
    Mar 12, 2019 12:56PM UTC
  • Report functionality for Enterprise edition

    Hi, It is possible or planned for the Enterprise edition a "Generate Report" functionality, like the one that is available on the Professional edition? or even a better one? it would be great if we can generate pdf reports of the performed scans, as many other tools can. Thanks in advance

    3 Agent Answers    1 Community Answer
    Mar 08, 2019 06:25PM UTC
  • Remember column layout in HTTP history

    Hello, I usually move the "Time" column to the left in the Proxy - HTTP history. But burp doesn't remember this. Neither in the stored project, nor in the project options or in the user options. I have to re-arrange this every time I restart burp. Can you please give me an option to store my preferences in this regard, so that I don't have to re-do this configuration eve...

    1 Agent Answer    1 Community Answer
    Mar 07, 2019 01:16AM UTC