Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Feature Requests

Post a feature request

  • Built in Scripting Language

    So that a testar can script requests and responses on the fly without the pain of writing custom extensions. Extensions are awesome, but sometimes the timeframe is very limited, kicking the "write an extension for this" out in prol of python/perl scripting snippets. I've been looking at Burp BeanShell extension, seems pretty much like that. Thanks.

    0 Community Answer
    May 06, 2015 09:40PM UTC
  • Find and replace in intruder

    It would be nice to have a find and replace within intruder, saving the tester from burp <-> notepad copy & paste kung foo. Sometimes the HTTP requests are so massive that makes impossible to set each entry point one by one.

    1 Agent Answer    2 Community Answers
    May 06, 2015 09:19PM UTC
  • OWASP

    Some of our client like to map issue to known standards. Is there anyway to correspond the vulnerability with OWASP top 10 number (if it relates to it).

    1 Agent Answer    1 Community Answer
    May 04, 2015 08:12PM UTC
  • Differential Automatic Backup Functionality

    Automatic Backup is fantastic, it saved our work quite some time, when the Java environment decided to give up and crash. But, storing every time 700 megs, for example, in a state file, will fill up any hard drive over a weekend. Therefore it would be a great feature to have a differential storage. I know it might be bit difficult to create, but using the operating system software might get the jo...

    2 Agent Answers    1 Community Answer
    May 04, 2015 08:23AM UTC
  • HTTP2 support

    I would like to test an application running on HTTP2. Do you have any roadmap for supporting HTTP2?

    6 Agent Answers    8 Community Answers
    May 04, 2015 12:49AM UTC
  • encoder stuff

    Url encoding, would be nice if two options exist; one that encodes everything. and one that encodes just the characters that are necessary. I keep seeing apps that are microsoft stacks that seem to dislike characters that are encoded when they dont need to be. I dont think the RFC cares, but apps do :D Within the params tab of a request, it would be nice to have the option for each param to se...

    1 Agent Answer    0 Community Answer
    Apr 28, 2015 05:34AM UTC
  • Hide viewstate

    I would like to have a native function to hide huge viewstates from ASP.NET web applications. Or even better, if it could be possible to toggle the visibility for any variable

    1 Agent Answer    0 Community Answer
    Apr 24, 2015 09:55AM UTC
  • API to update Requests as presented in UI in Proxy, Repeater, etc.

    Hi, I have written some custom extensions using both the java API and jython. Typically, it is for things like setting custom headers. While they work (they do send the custom headers) it's hard to see exactly what was sent since the UI doesn't update after the message is set. The work around I'm using to get passed this is to chain 2 instances of burp together, with the custo...

    1 Agent Answer    0 Community Answer
    Apr 21, 2015 09:06PM UTC
  • Audible Alerts

    Would like to add this feature - where is a error - say network issue that has made the scan to stop - in that case, we would like to have a audible alert. This would help the user to focus his attention on other tasks while ensuring the scan is running properly.

    1 Community Answer
    Apr 20, 2015 05:00AM UTC
  • XML formatting

    Would it be possible for Burp Suite to properly format XML requests in the 'Params' tab? Cheers.

    1 Agent Answer    0 Community Answer
    Apr 17, 2015 02:27PM UTC