Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Feature Requests

Post a feature request

  • Global settings for SSL pass-through

    It would be great if we can configure SSL pass-through globally. For example, Google Analysis and Google Translation are typically out of scope of ordinary user. Current per-project setting is expected to override global settings, including adding rules or disabling rules. That is, project setting should be able to specify that an SSL/TLS connection is passed through only if the hostname does *not...

    1 Agent Answer    0 Community Answer
    Feb 28, 2018 02:48PM UTC
  • Configuration problem

    When i configure my burp suite proxy with my firefox browser they connect but when i browse anything browser show me error message how i solve this problem please help me

    1 Agent Answer    0 Community Answer
    Feb 27, 2018 05:00AM UTC
  • Preview bitmap images (BMP)

    It would be great if we can preview bitmap images in proxy preview, just like how we preview HTML, JPEG and PNG traffics. MIME type is “image/bmp”. Burp seems to be built with Swing/AWT; if so, it should be easy to implement this feature, since Swing supports BMP natively. I made a Extender for this feature, but I really think BMP (as well as anything supported by JRE without third-party library) ...

    1 Agent Answer    0 Community Answer
    Feb 14, 2018 07:51PM UTC
  • Expose intercept state for Burp API

    I am currently developing a burp extension and would like to be able to check the state of the "Intercept" button in the proxy tab. I am able to turn on/off the interception but am not able to poll the state. Thanks

    2 Agent Answers    1 Community Answer
    Feb 07, 2018 09:38AM UTC
  • Decoder - Save/Load to/from File

    Hi, It would be really nice for further analysis of decoded stuff to be able to save each buffer of the "Decoder"-Tab into a file. It is hard to copy binary out of it. The only way i see currently is: encode as base64 and copy string and decode on console, which is not really practical.

    1 Agent Answer    0 Community Answer
    Feb 06, 2018 07:17AM UTC
  • Recognize PDF types

    Currently the “application/pdf” type is recognized as “app” instead of PDF. This is very common in HTTP response, so please label it correctly.

    1 Agent Answer    0 Community Answer
    Feb 04, 2018 08:14PM UTC
  • An important feature request

    Your spider tool should submit the contents of place holder along with the default parameters burp suite have, otherwise the tool miss some important input fields that contains vulnerabilities like sql injection.

    1 Agent Answer    0 Community Answer
    Feb 02, 2018 11:24AM UTC
  • Single thread possibility

    Hi, with your new update in changing the # of threads into # of concurrent rate limit; could it be possible to limit Active scan to a single thread? I test apps which often have very complex session management, or 1-time CSRF tokens, and I personally feel more confident in a single thread and scanning. Also the debugging of session management/problems with environment are much better with a ...

    3 Agent Answers    3 Community Answers
    Feb 01, 2018 01:12PM UTC
  • Add path to Basic Authentication forms if discovered

    I like spidering, etc cetera while "do platform authentication" and "prompt for credentials on authentication failure" is enabled, because the pop up form shows me that there is some interesting on the site. But I don't know where Burp found the 401 request. I don't like to filter or check the logs afterwards because this consumes time. Could you please add this ki...

    1 Agent Answer    1 Community Answer
    Jan 29, 2018 10:42AM UTC
  • Integrat Burp with TFS build

    Hello, Kindly I would like to know if we can integrate Burp with Microsoft Team Foundation Server (TFS) or if we can integrate the test result into TFS. Also, is possible to run the test as continuous integration? Thanks in advance BR/Obaida

    5 Agent Answers    4 Community Answers
    Jan 29, 2018 10:12AM UTC