Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Feature Requests

Post a feature request

  • Collaborator Client

    Hi, It would be nice if the Collaborator Client also showed the Response, ie. bt0fqqbb5tbzo2v7jim1cvzjigz, when its copied to the Clipboard. I suspect there would be cases where I would want a different response for each Payload generated when using more than one. I'd also like to be able to save the entire set of requests and responses in one file. Thanks

    2 Agent Answers    98 Community Answers
    Nov 02, 2016 03:46PM UTC
  • A way to update previous requests in from your site map with your current authentication tokens

    Hi there I was wondering whether there was a feature and if not it would be useful if you could update requests from the HTTP history with current authentication cookies without the need of copy and pasting them. Just like active session management as opposed to manual. It would make retests easier and make my work flow faster. Just a thought anyway keep up the good work.

    1 Agent Answer    0 Community Answer
    Nov 01, 2016 04:17PM UTC
  • Extender API to add additional Decoder algorithms

    Currently, there is no option to add additional algorithms to the "Decoder" from within an extension. For my first developed extension, I need(ed) base64url encoding/decoding to be supported and had to add an additional tab panel to my extension. My feature request is to extend the "Extender API" to support custom "Decoder" algorithms. To mitigate any issues reg...

    0 Community Answer
    Oct 25, 2016 10:07AM UTC
  • Proxy tab Http history - display both request and response of the selected message

    Hello, It would be great, if by default both request and response are displayed in the Proxy Http History tab. In the current implementation, you have to choose request or response in the message view. Thank you Best regards Frantisek Uhrecky

    0 Community Answer
    Sep 27, 2016 08:37PM UTC
  • Use Collaborator in manual testing

    I want to use collaborator while manual site testing. I think my case is very typical - I found some not typical SSRF vulnerability (which can't detect active scan) and want to check it. Now I must use my own NS server, because can't check it with Burp Collaborator. What I want to see: - Send request to Repeater - Place collaborator payload in the request - Send it and get aler...

    1 Agent Answer    0 Community Answer
    Sep 27, 2016 11:46AM UTC
  • Extend API Functionality (Stream Proxy + WebSocket)

    Hi, I want to write new extensions for BurpSuite, For one of them i need To Set Stream Proxy (PyMultitor), For the other one i need to see WebSocket Raw Sockets To Show And Fuzz Every Parameter.

    1 Agent Answer    0 Community Answer
    Sep 23, 2016 09:42PM UTC
  • partial JSON config files

    Currently when starting a new burp project and loading it with a config file, you have to have every option filled in the JSON, otherwise it'll leave that field as blank in the new project. I'd really like it if you could just have your JSON config file contain what you wanted different ( like targets excluded from scope, regex to exclude on scanners, private burp collab server, etc),...

    2 Agent Answers    0 Community Answer
    Sep 21, 2016 01:47PM UTC
  • Custom response grep/extract/post-processing in Burp Intruder?

    Burp Intruder supports response grep by regexp, and shows every match in a separate column in result table. It would be helpful to create a custom response processor, written in any language (Python preferred), to generate an extra column value for each request. For example, for each request I need: 1. Access to body 2. Count "words" 3. Return integer value and display it in extr...

    1 Agent Answer    0 Community Answer
    Sep 20, 2016 03:39PM UTC
  • .NET plugins support

    Would be great giving .net support to develop burpsuite plugins

    1 Agent Answer    0 Community Answer
    Sep 16, 2016 12:25PM UTC
  • Burp Infiltrator destroys Spring Boot application

    Hi, when using Burp Infiltrator on a JAR file, which has been created as a Spring Boot application, then the application is not able to start, especially when embedded server is Jetty. Would be great if Burp Infiltrator would be able to support such JAR files! Thanks and Regards Denis

    1 Agent Answer    0 Community Answer
    Sep 16, 2016 07:06AM UTC