Burp Suite User Forum

Login to post

SSO and LDAP integration for Burp Enterprise

After setting up the initial infrastructure and promoting the solution among projects, the team size quickly started to grow and it already became painful to manually manage the user accounts. It would be very beneficial...

Last updated: Jul 07, 2020 12:32PM UTC | 8 Agent replies | 8 Community replies | Feature Requests

Generate CSRF Poc

Hi, PortSwigger Team, Burp produces CSRF Poc, Support json request csrf poc?

Last updated: Jul 07, 2020 02:29AM UTC | 1 Agent replies | 2 Community replies | Feature Requests

Automatic Tab Naming in Repeater and Intruder

When sending a request from the proxy to Repeater or Intruder, if a comment exists, include that in the tab name in Repeater or Intruder. For example, I'm in Proxy and am looking at my initial auth request. I enter the...

Last updated: Jul 06, 2020 06:33PM UTC | 0 Agent replies | 0 Community replies | Feature Requests

Double click for parameter selection

Hello, Until recently, Burp Suite had a very useful feature that allowed the selection of the entire parameter name of value with a double click. Since a few updates ago, this was removed, with Burp Suite now behaving...

Last updated: Jul 03, 2020 01:03PM UTC | 1 Agent replies | 2 Community replies | Feature Requests

REST API | output all results when scanning same URL second time

Hi, I've been playing with the rest API, and found that when you audit the same url twice, the results from the first audit are not included in the results of the second audit. This is highly annoying obviously, as...

Last updated: Jul 03, 2020 10:35AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Timing requests

Add a feature in intruder/repeater to start requests at a specific time and not in a specific time

Last updated: Jul 02, 2020 03:37PM UTC | 3 Agent replies | 2 Community replies | Feature Requests

Hide From Proxy - Right-Click Option

It would be extremely useful to have a right-click option of 'Prevent Burp From Proxying' that could auto-regex a domain and remove it from showing up in proxy history (or any other tools). When testing a site with...

Last updated: Jun 29, 2020 03:52PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Intruder Filter - add "other"/"unknown"/"missing" Filter by status code

When I run Intruder, and I see "Error" in the results, because no response is sent by the server, I can't filter out such items by HTTP code (because there is none). Similar to filtering 2xx, 3xx, 4xx, 5xx could you add 1...

Last updated: Jun 26, 2020 02:02PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

NVIDIA CUDA

Is it possible to add GPU accelerated scanning? It slows to a crawl when actively scanning a website, with CPU being maxed out. Thought if a powerful GPU is used, it would cut down on the time it needs to analyse the site...

Last updated: Jun 24, 2020 10:52AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Add the path requested in repeater in the target sitemap

Hello, Me and some other people find kinda annoying that the request sent in repeater are not added to the target sitemap. It would be super useful that it does or at least have the option to enable that. Thanks

Last updated: Jun 24, 2020 09:47AM UTC | 2 Agent replies | 2 Community replies | Feature Requests

Pretty with word wrapping support

Hi, I think it would be better if you guys support word-wrap for Pretty feature, since working with JSON, some of the values are long and we have to use horizontal scrollbar, and for copying and dragging, it's really worse...

Last updated: Jun 23, 2020 08:17AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Search field in Comparer and Order switch

Hello, It would be great to have a Searchfied in both Comparer windows and to be able switch the comparing priority between the 2 requests/responses on Comparer result window. thx

Last updated: Jun 22, 2020 01:17PM UTC | 2 Agent replies | 2 Community replies | Feature Requests

I want to ask before buying the key burpsuite pro

I want to ask before buying the key burpsuite pro. copyright is attached to email or device, because I often have to change the use between my laptop at work and my home computer? You can support me, you sympathize because...

Last updated: Jun 22, 2020 07:32AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

I want to ask before buying the key burpsuite pro

I want to ask before buying the key burpsuite pro. copyright is attached to email or device, because I often have to change the use between my laptop at work and my home computer? You can support me, you sympathize because...

Last updated: Jun 22, 2020 07:32AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Information

What have you added to burpsuite as an alternative to spider?

Last updated: Jun 19, 2020 07:07AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Response Time Column in Intruder?

Hello, I like to see response time and as I know I can't display it as a column in Intruder. Is there a way to do it? If not do you plan to add this feature soon? Thank you

Last updated: Jun 17, 2020 05:47PM UTC | 3 Agent replies | 2 Community replies | Feature Requests

Extending REST API functionality

Dear PortSwigger, We are doing pentests for our customers and we would are now developing some web interface in which we can feed urls and send them to to Burp REST API. We think that the API should and needs to be...

Last updated: Jun 17, 2020 08:07AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Ability to view the delay of a response in a column (Intruder)

May be very useful while testing for time based injection (sql, command, aso) to see the delay of a response returned by the remote webserver.

Last updated: Jun 16, 2020 12:17PM UTC | 3 Agent replies | 3 Community replies | Feature Requests

Display more information to Cookie jar viewer

Hi, when I open cookie jar (and/or edit cookie), I would like to see all possible information about cookies. This would include a presence of HTTPonly, SameSite, or Secure flags. At the moment, it's not present there. Would...

Last updated: Jun 16, 2020 08:52AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Session Tracking for non-Cookie based apps

The Macro editor and session tracking features only seem to allow for updating of Cookie Values through a macro when a session becomes invalid. I have an app that utilizes an Authorization header with a JWT as its value to...

Last updated: Jun 10, 2020 07:18PM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Page 1 of 31

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image