Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Feature Requests

Post a feature request

  • Add more options for Logging

    Hi team: Logging options are able to select the tool that you want log and select request or response, but I think that is necessary add a field where you can define a regular expression to log only the request and/or response that math with the condition specified. Best regards and good work!!!

    0 Community Answer
    Jun 08, 2016 08:56AM UTC
  • Multiple Cookie Jars

    It would be great to have multiple cookie jars to operate with. Macros/Rules could specify which cookie jar they want to use and also a global option could specify the default cookie jar to maintain the current behaviour. This would allow to do tests on different sessions and/or use session rules to login/out without altering your global cookie jar.

    1 Agent Answer    0 Community Answer
    Jun 07, 2016 09:32AM UTC
  • Support TLS decryption with pre-master secret

    We are currently building a tool for extracting pre-master secret (PMS) values from memory of mobile devices. It would be great if Burp supported the decryption of TLS traffic with a list of PMS values just like Wireshark can (https://jimshaver.net/2015/02/11/decrypting-tls-browser-traffic-with-wireshark-the-easy-way/). If this too much of a stretch for a feature request, do you believe this f...

    1 Agent Answer    0 Community Answer
    Jun 03, 2016 10:48PM UTC
  • global parameters

    Burp contain few tools that allows export data, like Logging.. turn the project name and some other parameters to a global parameter will allow to use it while exporting data. for example, in the logging tool while picking to save log, burp ask for file name. using the project name will enable automatic logging. like c:\%projectname_%toolname_%date

    0 Community Answer
    Jun 03, 2016 10:08AM UTC
  • Capability to scan React.js

    As per the title - is Burp capable or truly scanning React.js built applications? Does anyone have any experience of this?

    2 Agent Answers    2 Community Answers
    Jun 02, 2016 02:36PM UTC
  • Advanced payload positioning system in Intruder

    Problem: Currently, payload positions are based on where exactly the payload is positioned in the document. This is a very static approach has some drawbacks: - Difficult to correlate payload with payload-number if there are a lot of different payload positions. I'm often switching back and forth between the tabs to see which payload is which - Not possible to assign the same payload to ...

    1 Agent Answer    0 Community Answer
    May 30, 2016 11:40AM UTC
  • Web interface (or other out-of-band) "emergency save state" function for use when UI has l...

    Burp is a truly fantastic product. However, I regularly encounter situations in which the GUI for it locks up. Of course, this tends to happen when I'm in the middle of a pen test and haven't saved my state for an hour or so. I have to kill the process and lose a bunch of work. I believe the current recommendation for this is still "use the auto-save feature". I don't d...

    1 Agent Answer    0 Community Answer
    May 19, 2016 07:02PM UTC
  • seperate issue window that is detachable

    hi, I really liked the old burp where the issues found by scanner are in the scanner window's tab. Now its in the target tab and for me it making me difficult to work with. contents frame in the sitemap tab has been minimize, and i cant really detach Issue frame. A feature for detaching Issue frame along with advisory would be nice one to have I suppose. please let me know if there is...

    1 Agent Answer    0 Community Answer
    May 19, 2016 03:29PM UTC
  • Archive or clear requests without deleting them?

    Sometimes in a large project, I may have 40000+ requests. This makes filtering very slow and sometimes appears to make Burp freeze. Is there any way to remove requests from the current list without deleting them? I still want to keep them all in my logs.

    1 Agent Answer    0 Community Answer
    May 13, 2016 11:10AM UTC
  • Collaborator interface for extensions

    Although extensions can perform active and passive scans, AFAIK they have no access to collaborator, thus cannot verify out-of-band interaction. Am I mistaken? If no, it would be a great thing to have.

    1 Agent Answer    0 Community Answer
    May 13, 2016 09:51AM UTC