SSO and LDAP integration for Burp Enterprise

After setting up the initial infrastructure and promoting the solution among projects, the team size quickly started to grow and it already became painful to manually manage the user accounts. It would be very beneficial...

Generate CSRF Poc

Hi, PortSwigger Team, Burp produces CSRF Poc, Support json request csrf poc?

Automatic Tab Naming in Repeater and Intruder

When sending a request from the proxy to Repeater or Intruder, if a comment exists, include that in the tab name in Repeater or Intruder. For example, I'm in Proxy and am looking at my initial auth request. I enter the...

Double click for parameter selection

Hello, Until recently, Burp Suite had a very useful feature that allowed the selection of the entire parameter name of value with a double click. Since a few updates ago, this was removed, with Burp Suite now behaving...

REST API | output all results when scanning same URL second time

Hi, I've been playing with the rest API, and found that when you audit the same url twice, the results from the first audit are not included in the results of the second audit. This is highly annoying obviously, as...

Timing requests

Add a feature in intruder/repeater to start requests at a specific time and not in a specific time

Hide From Proxy - Right-Click Option

It would be extremely useful to have a right-click option of 'Prevent Burp From Proxying' that could auto-regex a domain and remove it from showing up in proxy history (or any other tools). When testing a site with...

Intruder Filter - add "other"/"unknown"/"missing" Filter by status code

When I run Intruder, and I see "Error" in the results, because no response is sent by the server, I can't filter out such items by HTTP code (because there is none). Similar to filtering 2xx, 3xx, 4xx, 5xx could you add 1...

NVIDIA CUDA

Is it possible to add GPU accelerated scanning? It slows to a crawl when actively scanning a website, with CPU being maxed out. Thought if a powerful GPU is used, it would cut down on the time it needs to analyse the site...

Add the path requested in repeater in the target sitemap

Hello, Me and some other people find kinda annoying that the request sent in repeater are not added to the target sitemap. It would be super useful that it does or at least have the option to enable that. Thanks

Pretty with word wrapping support

Hi, I think it would be better if you guys support word-wrap for Pretty feature, since working with JSON, some of the values are long and we have to use horizontal scrollbar, and for copying and dragging, it's really worse...

Search field in Comparer and Order switch

Hello, It would be great to have a Searchfied in both Comparer windows and to be able switch the comparing priority between the 2 requests/responses on Comparer result window. thx

I want to ask before buying the key burpsuite pro

I want to ask before buying the key burpsuite pro. copyright is attached to email or device, because I often have to change the use between my laptop at work and my home computer? You can support me, you sympathize because...

I want to ask before buying the key burpsuite pro

I want to ask before buying the key burpsuite pro. copyright is attached to email or device, because I often have to change the use between my laptop at work and my home computer? You can support me, you sympathize because...

Information

What have you added to burpsuite as an alternative to spider?

Response Time Column in Intruder?

Hello, I like to see response time and as I know I can't display it as a column in Intruder. Is there a way to do it? If not do you plan to add this feature soon? Thank you

Extending REST API functionality

Dear PortSwigger, We are doing pentests for our customers and we would are now developing some web interface in which we can feed urls and send them to to Burp REST API. We think that the API should and needs to be...

Ability to view the delay of a response in a column (Intruder)

May be very useful while testing for time based injection (sql, command, aso) to see the delay of a response returned by the remote webserver.

Display more information to Cookie jar viewer

Hi, when I open cookie jar (and/or edit cookie), I would like to see all possible information about cookies. This would include a presence of HTTPonly, SameSite, or Secure flags. At the moment, it's not present there. Would...

Session Tracking for non-Cookie based apps

The Macro editor and session tracking features only seem to allow for updating of Cookie Values through a macro when a session becomes invalid. I have an app that utilizes an Authorization header with a JWT as its value to...

Page 1 of 31

Burp Suite Support Center

Your source for help and advice on all things Burp-related.