Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Feature Requests

Post a feature request

  • Preview bitmap images (BMP)

    It would be great if we can preview bitmap images in proxy preview, just like how we preview HTML, JPEG and PNG traffics. MIME type is “image/bmp”. Burp seems to be built with Swing/AWT; if so, it should be easy to implement this feature, since Swing supports BMP natively. I made a Extender for this feature, but I really think BMP (as well as anything supported by JRE without third-party library) ...

    1 Agent Answer    0 Community Answer
    Feb 14, 2018 07:51PM UTC
  • Expose intercept state for Burp API

    I am currently developing a burp extension and would like to be able to check the state of the "Intercept" button in the proxy tab. I am able to turn on/off the interception but am not able to poll the state. Thanks

    2 Agent Answers    1 Community Answer
    Feb 07, 2018 09:38AM UTC
  • Decoder - Save/Load to/from File

    Hi, It would be really nice for further analysis of decoded stuff to be able to save each buffer of the "Decoder"-Tab into a file. It is hard to copy binary out of it. The only way i see currently is: encode as base64 and copy string and decode on console, which is not really practical.

    1 Agent Answer    0 Community Answer
    Feb 06, 2018 07:17AM UTC
  • Recognize PDF types

    Currently the “application/pdf” type is recognized as “app” instead of PDF. This is very common in HTTP response, so please label it correctly.

    1 Agent Answer    0 Community Answer
    Feb 04, 2018 08:14PM UTC
  • An important feature request

    Your spider tool should submit the contents of place holder along with the default parameters burp suite have, otherwise the tool miss some important input fields that contains vulnerabilities like sql injection.

    1 Agent Answer    0 Community Answer
    Feb 02, 2018 11:24AM UTC
  • Single thread possibility

    Hi, with your new update in changing the # of threads into # of concurrent rate limit; could it be possible to limit Active scan to a single thread? I test apps which often have very complex session management, or 1-time CSRF tokens, and I personally feel more confident in a single thread and scanning. Also the debugging of session management/problems with environment are much better with a ...

    1 Agent Answer    0 Community Answer
    Feb 01, 2018 01:12PM UTC
  • Add path to Basic Authentication forms if discovered

    I like spidering, etc cetera while "do platform authentication" and "prompt for credentials on authentication failure" is enabled, because the pop up form shows me that there is some interesting on the site. But I don't know where Burp found the 401 request. I don't like to filter or check the logs afterwards because this consumes time. Could you please add this ki...

    1 Agent Answer    1 Community Answer
    Jan 29, 2018 10:42AM UTC
  • Integrat Burp with TFS build

    Hello, Kindly I would like to know if we can integrate Burp with Microsoft Team Foundation Server (TFS) or if we can integrate the test result into TFS. Also, is possible to run the test as continuous integration? Thanks in advance BR/Obaida

    2 Agent Answers    2 Community Answers
    Jan 29, 2018 10:12AM UTC
  • Persistent Intruder Results

    Hi, It would be great if intruder results were persistent and part of the project file. Maybe a "Results" subtab on the same level as "Target, Positions, Payloads, Options" within intruder. Thanks!

    1 Agent Answer    0 Community Answer
    Jan 24, 2018 03:34PM UTC
  • Ability to update all extension

    It would be nice to have a way to update all the burp extension from the bapps at once. Having a button like "Update all" instead of having to do it one-by-one.

    2 Agent Answers    0 Community Answer
    Jan 23, 2018 05:49PM UTC