Feature Requests - Page 7 - Burp Suite User Forum

Support multiple alphabets/custom alphabets for Base64 encoding/decoding detection

Decoder would be a lot more powerful if custom alphabets could be used against Base64 encoding out of the box. Several cases of Base64 encoding have been overlooked from my testing before because the parser for the server...

Facing issue with a CSRF attack

CSRF vulnerability with no defenses Can you reset this lab in my account.. I am unable to use wiener:peter as the login credentials. I am trying from last two days. I will be waiting for a positive respond.

Prevent out of scope from appearing in Proxy>HTTP History

Hello folks! I was wondering if there could be an enhancement to where if a host/IP is explicitly added to the "Exclude from scope" section within Project>Scope tab, that host/IP will not show up or appear within the...

Bchecks Export button

would it be possible to add an export button for Bchecks to be able to export one or many of the scripts.

Burp Search -> Show this Request in HTTP History

Hello! I enjoy the main Burp search functionality (Burp -> Search menu option) which allows you to look for a particular search term within the requests/responses in the Proxy history. It's great when trying to find the...

No more activation allowed for this license

ライセンスキーを入力後、以下メッセージが出力します。 "No more activation allowed for this license" サポートをお願いいたします。新しいライセンスキーの再発行でも構いません。よろしくお願いいたします。

Missing parameter 'csrf' as response to my request to upload php file

Hi Team, I am trying to solve lab "Web shell upload via Content-Type restriction bypass" I am facing an issue. I am changing the content type to "images/jpeg" and then sending the request to get my php exploit file...

Sitemap Presentation View

When writing reports for clients, I always try to show the client what I was able to discover while enumerating. It would be nice to have multiple ways of viewing the sitemap. Not only for presentation purposes but also for...

Unique URL

Hi Burp Suite team! Just wondering if you could add another filter in the HTTP history under Proxy tab where it would only show unique URLs(no duplicates).

burp suite professional

Dear Sir/Madam, My coworker had made a request for a Burp Professional Trial but it was not approved. Actually. we have already purchased one license of Burp Professional, now our management is considering purchasing...

Possibility to call extensions from Organizer

Hi there, The new Organizer feature looks promising. What I miss right now is the ability to select requests in Organizer and call an extension for those requests. So ContextMenuEvent should fire when a context menu is...

Two-step Intruder attacks

I'm testing a site where a PUT is altering a record, but the site only returns 202 Accepted. In order to find out if each payload ends up intact, altered, or causes an error, a separate request has to be made to the...

burp doesn't work Connection: close

I configured burp correctly, the latest version, however, after turning on the proxy, the page does not load, the handwheel is spinning around and in burp I have the following info: what should I do? GET /...

Platform Authentication

My app is using NTML authentication and set the platform authentication but unable to ntml authorization header in the burp request .

Saved/Personalized Intruder Attacks

Hi there! I think it would be very useful/helpful if Burp had an option to save custom intruder settings. For example, if as a researcher I tend to scan IP ranges using a sniper attack with numbers ranging from 1-255, I...

Filter by method

Currently the view filter supports status code but it would be helpful to also be able to filter by request method (GET, POST, PUT, etc). Thank you, Micah

Add HTTP Method as a value to the filter scope

The current scope dialog uses protocol, host/ip, port and file as a filter, however, there are times when it would be useful to filter on HTTP method too. For example when working with a RESTful interface that uses the...

Adding Discovery to the Montoya API

Hi, I'd like to write an extension that fits into the Content Discovery functionality. At the moment there's no Montoya API for the functionality I can find. Are Discovery overrides on the current API roadmap?

Resetting Labs and learning materials

hello,i want to reset all my progress(labs,learning path). Can u do that?

Accessibility

Hello, I have been using Burp Suite for some months now, and I would like to share my experience as a blind user. First of all, the majority of the interface is not navigable with a screen reader. This is due to the fact...