Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Feature Requests

Post a feature request

  • System to "back up" project files in case of crashes.

    So as I understand it, the "Save State" functionality is being removed from Burp and being replaced by the project file. My only issue with this is that when Burp / the OS crashes, project files get corrupted. This morning my laptop crashed and the project file was corrupted so much that the only thing Burp managed to get back out of it were the targets. Entire proxy history was gone. Lu...

    1 Agent Answer    0 Community Answer
    May 02, 2017 02:44PM UTC
  • Active Scan configuration taken when scan request insered into the queue and not when scan start

    Hi everybody, I did some test and seems that currently the active scan configuration is used to generate test cases when the scanner start to execute the tests on a specific request. That mean if you have a long queue and you change in the mean time the scanner options these changes will impact in the future inserted request and also in the one already inserted into the queue and not yet starte...

    2 Agent Answers    1 Community Answer
    Apr 30, 2017 03:45PM UTC
  • Extension release dates in BApp Store

    An extension's version number is useful however it would be really useful to see the release dates for the extensions available in the BApp Store. Links to the extension and version history would also be useful. This way we can see how old they are and if they are actively being developed.

    2 Agent Answers    1 Community Answer
    Apr 28, 2017 10:26AM UTC
  • Require Confirmation for Clear History

    Please add a confirmation dialog to clear history from the right click menu option. This is far to destructive to the project integrity and irreversible right now.

    1 Agent Answer    0 Community Answer
    Apr 27, 2017 04:51PM UTC
  • Burp supports Windows 2012 R2

    Does Burp supports Windows 2012 R2 ?

    1 Agent Answer    0 Community Answer
    Apr 26, 2017 07:09AM UTC
  • OWASP Top 10 updated (2017)

    OWASP TOP 10 has been revised for 2017... noteably there are 3 new vulnerabilities listed; A4 - Broken Access Control, A7 - Insufficient Attack Protection, and A10 - Underprotected APIs. When do you plan on updating your OWASP top 10 with these, and map to OWASP feature/capabilities (https://support.portswigger.net/customer/portal/articles/1969845-using-burp-to-test-for-the-owasp-top-ten) ?

    1 Agent Answer    1 Community Answer
    Apr 24, 2017 08:08PM UTC
  • Burp Infiltrator without DNS lookup

    Dear Portswigger Team, Thanks for the brilliant work on Burp Infiltrator. I frequently run Burp Collaborator in internal environments without any outbound Internet connectivity, which means I have to set up Burp Collaborator without DNS interaction support. As you mentioned in Burp Infiltrator's documentation, "The instrumentation hook performs a DNS lookup of the mutated Burp C...

    1 Agent Answer    0 Community Answer
    Apr 24, 2017 12:39PM UTC
  • Post-Macro extracting parameter from last response

    Hi, I am trying to run a request with a macro and post-macro to do this: Macro1 req1 / resp1 => extract param from rep1 Request get param from from last macro's response req / response (post)Macro2 extract param from last response (before post-macro run), and use it in req2 req2 / resp2 currently it only works before the post-macro run, the post-macro is not capab...

    1 Agent Answer    0 Community Answer
    Apr 10, 2017 04:26PM UTC
  • API to modify configuration of scanner via extension

    It would be very useful to have API to modify the configuration of the scanner via an extension to run specific active scan with custom configuration (like run scan without cookie etc).

    2 Agent Answers    1 Community Answer
    Mar 30, 2017 04:44PM UTC
  • "Resume" for Burp Collaborator Client

    Hello, Why can't we restore Burp Colloborator Client? It should be possible for pentesters to also save the results of Burp Collaborator Client and then restore, as with any other Burp tools. Thanks

    1 Agent Answer    0 Community Answer
    Mar 30, 2017 09:32AM UTC