Feature Requests

Post a feature request

  • Autocomplete attribute in password fields

    Hi Team, We are scanning our web application "Globanet Merge1" using BurpSuite and we noticed a minor issue with autocomplete attributes in forms. We use autocomplete="new-password" in forms to really prevent browser from prompting the users to save their passwords (since autocomplete="off" is ignored by most browsers), setting the autocomplete attribute to new-...

    1 Agent Answer    1 Community Answer
    Jun 19, 2019 02:23PM UTC
  • Extension provided insertion points as checkbox

    As an extension developer I would like to run scans that only use extension-provided insertion points. However, when I add a new scanning configuration in Burp 2.0.23, the "Insertion Point Types" has a list of checkboxes for insertion points, but no checkbox for extension-provided insertion points. Can we get a checkbox for "Extension-provided insertion points"?

    1 Agent Answer    0 Community Answer
    Jun 13, 2019 02:44PM UTC
  • Use BouncyCastle library to eliminate javax.net.ssl.SSLException errors in Burp

    As our sites have had to limit SSL and support robust ciphers we have been receieveing "javax.net.ssl.SSLException' errors . To get around this issue we have Proxy chained ZAP proxy. ZAP proxy works because SSLv2 implementations on the one side vs modern implementations with ciphers and prime sizes that the native Java SSL implementation does not support. Chaining the ZAP Proxy work be...

    1 Agent Answer    0 Community Answer
    Jun 11, 2019 03:07PM UTC
  • Dynamic analysis tab improvements

    Hi, Could the new Dynamic analysis tab have the same features as the Request and Response tabs? 1. The ability to search. 2. Payload nonce highlighting. Thanks, Ryan

    1 Agent Answer    0 Community Answer
    Jun 03, 2019 10:59AM UTC
  • Burp Suite Pro Edition on Chocolatey

    I'd like to see Burp Suite Pro available on Chocolatey, which I am using along with puppet to manage software installations for our Windows 10 laptops at my company.

    0 Community Answer
    May 30, 2019 04:45PM UTC
  • Burp 2 stable.

    Is there any update on when Burp 2 will be out of beta. I would love to move to using this version of the application but my company won't move forward with it while it says Beta in the name.

    1 Agent Answer    0 Community Answer
    May 23, 2019 01:11PM UTC
  • Sort entries in the site map by domain components before hostname

    While HTTP and HTTPS servers on the same hostname are sorted together (indicating a degree of custom sorting already), it would really make sense to sort all of the servers in a particular domain together as well. Currently, entries are sorted similar to: www.host1.com www.net2.com www1.host1.com while it would really make more sense to *sort* them in "reverse domain order" ...

    1 Agent Answer    1 Community Answer
    May 21, 2019 01:59PM UTC
  • HTTP request charset support.

    Hey Guys, I have 2 questions regarding charset support in the Content-Type header of a request. This relates to Burp community edition version v1.7.36 1. When charset is set to UTF-16 BE BOM, Burp seems to properly detect it only if the content-type is application/json. It fails to do so if it's text/html, text/plain. Any idea why? 2. Is there a list of all the charsets supported by Bu...

    1 Agent Answer    2 Community Answers
    May 19, 2019 07:04PM UTC
  • Burpsuite desktop license transfer

    Hi Team, I am from Mindtree and we have recently purchased two burpsuit desktop licenses. details provided below. Now one of the license should be transferred to out of Mindtree user. As per license terms can we transfer. Kindly suggest. PO NO : 4800007725 Regards, Dinakaran

    1 Agent Answer    0 Community Answer
    May 17, 2019 05:48AM UTC
  • Additional Column request in the Proxy Listeners

    Hi Team, During my security testing using Burp suite, I felt this feature would be very helpful hence requesting your help in adding this in the upcoming versions. Requested feature is as follows: Under proxy listeners, we have the feature to set the port address and proxy listeners. As I use multiple browsers during my testing there is no way to identify which port belongs to which brow...

    1 Agent Answer    1 Community Answer
    May 16, 2019 06:09AM UTC