Getting Started with Burp Suite
Burp Suite Documentation
Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.
Full Documentation Contents | Burp Projects |
Suite Functions | Burp Tools |
Options | Using Burp Suite |
Burp Extender
Burp Extender lets you extend the functionality of Burp Suite in numerous ways.
Extensions can be written in Java, Python or Ruby.
API documentation | Writing your first Burp Suite extension |
Sample extensions | View community discussions about Extensibility |
Feature Requests
Post a feature request
-
Reload latest extension shortcut
Hi, it will be very useful during the plugin development to have a way (maybe a shortcut) to automatically reload latest loaded extension without need of user input (no message box etc) and without needed to change the tab. Thank you. Maurizio
1 Agent Answer 1 Community AnswerJan 18, 2018 08:44PM UTC -
Repeater rename tab names
Hello, is it possible to add the functionality to change tabs name in repeater? It is cosmetic but could save a lot of time sometimes, especially with huge applications. Best Regards
1 Agent Answer 2 Community AnswersJan 11, 2018 02:46PM UTC -
Enable/disable cookie jar for Repeater from its tab
During a pentest I find it very useful to switch on and off the ability to use cookies from the Burp cookie jar (for example authorization bypasses and so on). Having to navigate each time to project options, session and doing it manually is very impractical. I would like to be able to do it from Repeater view, have a hotkey for it would also be appreciated.
1 Agent Answer 0 Community AnswerJan 10, 2018 07:59AM UTC -
Intruder to show parameters
It would be good for the Positions tab in Intruder to have a params tab to let you easily select a param value to test.
1 Agent Answer 0 Community AnswerJan 09, 2018 10:59AM UTC -
1.7.30
Hoping that either I am missing the obvious or in the next dot release that a 'deselect all' option/control will be added to the new choose for scanner features. Seems impractical right now to use if I only want to run one or two items.
1 Agent Answer 0 Community AnswerJan 05, 2018 12:53AM UTC -
Input returned in response (reflected) - detection in response header exclusion
I have an environment in which there is request URI always reflected in the response “x-request-path” header. Would it be possible to have an option in Scanner -> Options -> Scan Issues -> Edit detection methods? I would like to see all the instanced in Body (which could lead to XSS or other issues), but at the moment I have too many false positives (1 for each parameter + URL path filena...
1 Agent Answer 0 Community AnswerJan 03, 2018 03:04PM UTC -
Repeater tabs renaming and re-ordering feature request
Hi! It would be really useful if Burp allowed renaming and re-ordering the Repeater sub-tabs instead of only having fixed numbers. This would allow the user to organize requests and exactly know what each sub-tab has instead of having to go through all of them until finding the right one. During a pentest one can end up with tons of repeater subtabs Thanks!
2 Agent Answers 2 Community AnswersDec 12, 2017 04:38PM UTC -
Intercept for websockets should be able to honour the scope
For client requests you can set it so that it only intercepts when the URL is in scope but for websockets it is either on or off. I've got all traffic going through Burp but only intercepting for my test sites but occasionally Firefox makes a websocket call out and that gets blocked by the interceptor. It would be nice to have the ability to tell the web socket interceptor to honour the...
1 Agent Answer 1 Community AnswerDec 06, 2017 11:52AM UTC -
Content Discovery Queued Tasks
Hi, Could the queued tasks in the Discovery Session have the same functionality as the Scanner Scan Queue? This would allow the user to cancel individual discovery tasks to lower bandwidth/time, or to prioritise particular areas ahead of others. For example - during a recent long-running discovery scan, I was monitoring it and noticed a particular directory was flagged and added to the queue...
1 Agent Answer 0 Community AnswerDec 01, 2017 08:15AM UTC -
Feature Request
Hi, Add option to split view request and response (side by side) in HTTP Proxy History (same as repeater view) Thanks!
1 Agent Answer 0 Community AnswerNov 30, 2017 05:40AM UTC