Feature Requests

Post a feature request

  • View insertion points of "Scan items" in the scanner

    It would be great to know which "Insertion points" the Scanner used for a certain request (aka "Scan item"): right now only the total number of them is showed, but not their location.

    2 Agent Answers    1 Community Answer
    Jul 30, 2018 09:40AM UTC
  • Have a "Duplicate Tab" option in repeater

    Add a way to duplicate a repeater tab

    1 Agent Answer    0 Community Answer
    Jul 25, 2018 01:16AM UTC
  • NTLM Replay

    Currently if I want to browse some website through Burp with an NTLM authentication I need to provide to Burp the credentials. Since by design NTLM is prone to re(p)lay attack, why can't Burp just replay the challenges and responses withoout needing the credentials? Thank you Joel

    1 Agent Answer    0 Community Answer
    Jul 23, 2018 03:22PM UTC
  • Tab Name Editing

    Hi , I am using Burpsuite Pro edition 1.7.35 and i am big fan of Burpsuite Extensions. I use plenty of them and the problem that i face while using them is that the name of some of these extensions is so long that it really hogs up the real-estate of my burp window. This is further exacerbated when i load multiple extensions so the initial layer of tabs with repeater,proxy etc.. bloats up int...

    1 Agent Answer    0 Community Answer
    Jul 19, 2018 06:38AM UTC
  • Adding a name field to the Upstream Proxy Servers list

    Apologies if this is a duplicate, I haven't found a similar request. I'd like to request a feature which adds a user-configurable name or title field to each entry under Upstream Proxy Servers. I work at a place with a large number of proxies and bastion hosts, and frequently need to switch between them in Burp. The majority are localhost:xxxx, which makes it difficult to remember whi...

    1 Agent Answer    0 Community Answer
    Jul 19, 2018 03:56AM UTC
  • Collaborator feature to exfiltrate data

    Currently the collaborator it allow only to understand if a specific request generate an interaction with the collaborator on own payload. It would be very useful to add a feature to show in burp also exfiltrated data. For example, a normal collaborator DNS request is: l8unsfv43bbasbil8bo4o4edl4rufj.pippo.pluto.net Having the possibility to add data like will help tester, for example: ...

    1 Agent Answer    1 Community Answer
    Jul 05, 2018 07:56AM UTC
  • Comparer word wrap checkbox

    It would be really nice to have the word wrap feature in Comparer. Some lines/strings in requests or responses can be very long and it is inconvinient to look for differences since the user has to scroll both vertically and horizontally. I think a checkbox for toggling word wrap on and off would be great.

    1 Agent Answer    0 Community Answer
    Jun 28, 2018 07:12PM UTC
  • Disable Infiltrator payloads with ease

    As part of Active Scan, I know I can fine-tune heuristics to disable Infiltrator for some individual issues. However, I need to sort by Detection Methods, and open each of them to check if Infiltrator is enabled, and then disable it. I can't search for Infiltrator in the search field. Since during most assessments Infiltrator may not be deployed, would it be possible to have a checkbox sayi...

    1 Agent Answer    0 Community Answer
    Jun 22, 2018 08:40AM UTC
  • Can you remove the two click-throughs on loading Burp, or let me set defaults?

    When I open Burp in OS X, I have to click through two screens - the first for project creation/load (defaults to 'Temporary project'), and the second the config loader (defaults to 'Use Burp defaults'). I would love have both those be configured defaults & avoid the double click-through before Burp is in a usable state. (The second screen does have a 'Default to the...

    1 Agent Answer    0 Community Answer
    Jun 21, 2018 10:17PM UTC
  • Randomize Scanning Order Queue

    Is it possible to randomize the order of the scanning queue? If not, can I access the queue from Jython? Thanks Jonas

    1 Agent Answer    1 Community Answer
    Jun 17, 2018 09:47AM UTC