Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Feature Requests

Post a feature request

  • Reload latest extension shortcut

    Hi, it will be very useful during the plugin development to have a way (maybe a shortcut) to automatically reload latest loaded extension without need of user input (no message box etc) and without needed to change the tab. Thank you. Maurizio

    1 Agent Answer    1 Community Answer
    Jan 18, 2018 08:44PM UTC
  • Repeater rename tab names

    Hello, is it possible to add the functionality to change tabs name in repeater? It is cosmetic but could save a lot of time sometimes, especially with huge applications. Best Regards

    1 Agent Answer    2 Community Answers
    Jan 11, 2018 02:46PM UTC
  • Enable/disable cookie jar for Repeater from its tab

    During a pentest I find it very useful to switch on and off the ability to use cookies from the Burp cookie jar (for example authorization bypasses and so on). Having to navigate each time to project options, session and doing it manually is very impractical. I would like to be able to do it from Repeater view, have a hotkey for it would also be appreciated.

    1 Agent Answer    0 Community Answer
    Jan 10, 2018 07:59AM UTC
  • Intruder to show parameters

    It would be good for the Positions tab in Intruder to have a params tab to let you easily select a param value to test.

    1 Agent Answer    0 Community Answer
    Jan 09, 2018 10:59AM UTC
  • 1.7.30

    Hoping that either I am missing the obvious or in the next dot release that a 'deselect all' option/control will be added to the new choose for scanner features. Seems impractical right now to use if I only want to run one or two items.

    1 Agent Answer    0 Community Answer
    Jan 05, 2018 12:53AM UTC
  • Input returned in response (reflected) - detection in response header exclusion

    I have an environment in which there is request URI always reflected in the response “x-request-path” header. Would it be possible to have an option in Scanner -> Options -> Scan Issues -> Edit detection methods? I would like to see all the instanced in Body (which could lead to XSS or other issues), but at the moment I have too many false positives (1 for each parameter + URL path filena...

    1 Agent Answer    0 Community Answer
    Jan 03, 2018 03:04PM UTC
  • Repeater tabs renaming and re-ordering feature request

    Hi! It would be really useful if Burp allowed renaming and re-ordering the Repeater sub-tabs instead of only having fixed numbers. This would allow the user to organize requests and exactly know what each sub-tab has instead of having to go through all of them until finding the right one. During a pentest one can end up with tons of repeater subtabs Thanks!

    2 Agent Answers    2 Community Answers
    Dec 12, 2017 04:38PM UTC
  • Intercept for websockets should be able to honour the scope

    For client requests you can set it so that it only intercepts when the URL is in scope but for websockets it is either on or off. I've got all traffic going through Burp but only intercepting for my test sites but occasionally Firefox makes a websocket call out and that gets blocked by the interceptor. It would be nice to have the ability to tell the web socket interceptor to honour the...

    1 Agent Answer    1 Community Answer
    Dec 06, 2017 11:52AM UTC
  • Content Discovery Queued Tasks

    Hi, Could the queued tasks in the Discovery Session have the same functionality as the Scanner Scan Queue? This would allow the user to cancel individual discovery tasks to lower bandwidth/time, or to prioritise particular areas ahead of others. For example - during a recent long-running discovery scan, I was monitoring it and noticed a particular directory was flagged and added to the queue...

    1 Agent Answer    0 Community Answer
    Dec 01, 2017 08:15AM UTC
  • Feature Request

    Hi, Add option to split view request and response (side by side) in HTTP Proxy History (same as repeater view) Thanks!

    1 Agent Answer    0 Community Answer
    Nov 30, 2017 05:40AM UTC