Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Feature Requests

Post a feature request

  • One scanning queue per host ?

    Hello, When you have to work on multiple targets (hosts) and launch a scan on all of them, the scanning time is slowed down because you have a single queue. This single queue means that Burp have to finish scanning host1 pages before starting to scan host2. With one scanning queue per host total scanning time could be a lot faster. Of course you can tell Burp to "Scan next" an item...

    2 Agent Answers    2 Community Answers
    Aug 07, 2015 08:21AM UTC
  • IS there any new vulnerability introduced??

    IS there any new vulnerability introduced apart from OWASP top ten.

    1 Agent Answer    0 Community Answer
    Aug 07, 2015 06:31AM UTC
  • setting case sensitivity option

    When I'm sure I'm testing Windows environment and it doesn't matter on sensitivity, would it be possible to introduce an option where this could be turned on? I noticed that e.g. in Target Analyzer -> Parameters you are tracking every occurrence of different sensitivity as different one. Also in adding rules in Session handling (set a specific cookie or parameter value) it is cas...

    0 Community Answer
    Jul 31, 2015 01:17PM UTC
  • websockets 'Send to' repeater & intruder

    More and more of the Web apps I am pen-testing rely on Websockets for their main communication channel, and vector for XSS/sql-injection/CSRF etc. This would be very helpful if the functionality existing that exists for normal HTTP requests.

    4 Agent Answers    6 Community Answers
    Jul 30, 2015 10:56PM UTC
  • Save displayed columns in Intruder

    Would it be possible to save the selection of displayed columns in an Intruder Attack (either by default on exit or as option)? Thanks for looking into it!

    1 Agent Answer    0 Community Answer
    Jul 28, 2015 08:16AM UTC
  • In Repeater automatically add answers to the site map

    Hello, I use the Repeater a lot to find new pages/behaviors on web servers but each time I find something interesting I need to right click on the response, click on "Add to site map" and then confirm. A total of 3 clicks for each item I want to add. Ok for adding a few items but time consuming when you have more. Can you please add a feature to automatically add the responses or at ...

    1 Agent Answer    0 Community Answer
    Jul 24, 2015 03:01PM UTC
  • Save All Repeater Tabs in State File

    See bug report here for context: https://support.portswigger.net/customer/portal/questions/11548096-not-all-repeater-tabs-saved-restored-via-state-file I send requests to Repeater as I explore an application, and go back later to play with them. I don't always use them in Repeater immediately, so the tabs become a kind of checklist of tasks I have queued up. On a recent job, I lost quite a...

    1 Agent Answer    1 Community Answer
    Jul 21, 2015 07:42PM UTC
  • Feature request (other ssl/tls protocol support)

    What would compliment this great tool is the ability to support other protocols that run on SSL/TLS like SMTP secure and IMAP secure. There are other proxy like tools out there for these protocol yet none of them provide the ability to modify the intercepted content. One can only see the content as it's logged to a log file. I think the ability to support other protocols not just HTTP on t...

    1 Agent Answer    1 Community Answer
    Jul 21, 2015 05:26PM UTC
  • Burp Suite Data Sheet

    Please provide the Burp Suite Features/Data Sheet

    1 Agent Answer    0 Community Answer
    Jul 20, 2015 05:59AM UTC
  • Intercept Queue

    Would it be possible to add a "Queue" to the Intercept tab. This would show the requests/responses queued to be intercepted and they would be removed from the queue after they are intercepted. On occasions where there are multiple requests waiting to be "Intercepted", it would be nice to be able to highlight, for example, the next five requests and allow them to pass without...

    1 Agent Answer    0 Community Answer
    Jul 15, 2015 01:22PM UTC