Feature Requests - Burp Suite User Forum

Selection option for different types of vulnerabilities

In the configuration, it is very hard to select single vulnerabilities, do we have any alternation to select only single issue type to scan

"Include relevant extract" in XML Report

Hello, as already requested by other users two years ago (http://forum.portswigger.net/thread/1088/populate-enable-include-relevant-extract) I think it would be very useful to add the "include relevant extract" option also...

Update Header in Session Handling/Macros

Hello, I'm working on an application that uses CSRF token for the login forms. The token is a hidden value in the webpage: E.g. <input name="CSRFToken" type="hidden"...

ONE OF THE SSRF LAB NOT WORKING

hi the SSRF with filter bypass via open redirection vulnerability lab is not working ,was trying to solve the lab the redirect is not going through ,not showing any any response even after deleting carlos ,that how it has...

requesting to change my name

2 Factor Authentication - BurpSuite Enterprise Edition

We tried to perform DAST for application which support 2 factor authentication. There should be option where Analyst should able to enter value where ever manual intervention is required like Captcha or OTP which will help...

Filter Settings

It is just from the usability point of view. In the earlier versions of Burp Suite Professional, the filter settings use to come as a drop down, so if we look for something, we can simply click outside of that filter...

Support for External DB MySql 8.x and MSSQL 2019

We were investigating a potential purchase of Burp enterprise and noticed that only some of the older DBs are supported. Is there any plans to add support for Mysql 8 or MSSQL 2019?

Select Specific Extensions For Active Scan

Hello, A very useful feature would be to save Scanner profiles that only include specific extensions. This would prevent having to manually disable irrelevant extensions every-time a new application with a specific set of...

Automatic upstream proxy retrieval

I think it would be quite useful to have an option when setting up upstream proxy servers where you tell burp to use the system proxy configuration. Burp would then : * Find in the system configuration the path to the pac...

Source IP addresses in Proxy/HTTP History

It would be great if an additional column for the source IP address would exist, so we could see which client makes the selected request.

Fix Burp Icon

BurpSuite icons (both for community and pro versions) don't match macOS design language. First they are way huge when comparing them to macOS pre installed apps like app store and so on, plus they have squared edges which...

Burp License

Dears, I need to extend trial license for further assessment to burp.

Repeater rename tab names

Hello, is it possible to add the functionality to change tabs name in repeater? It is cosmetic but could save a lot of time sometimes, especially with huge applications. Best Regards

XXE lab and some documents not working

There is an error while opening in XXE lab please help me in solving this issue. Sending you a screen shot so that you can hava an idea about it. Even I tried to contact via email but didn't get any response. Waiting for...

Bug Academy

The bug academy is not working for past two days i.e 20th and 21st of march even after rest of password for several times its shows error of login failed may i know the reason for that or is that so because i can only access...

Burb Suite Enterprise on GCP

Hi, Can anyone provide me the recommendation to deploy the BurpSuite Enterprise on the GCP environment? Thanks

Docker and Linux based packages vulnarability scan

HI Team We are planning to buy the burp suite Enterprise version this week. but before that, we are trying to preparing a questionary for the team members to discuss these Burp features. By that time, the team member...

Save Embedded Browser Settings

Any changes made to the settings of the embedded Chromium browser are reverted when the application is closed. This includes the removal of installed extensions. It would be helpful if the browser settings could be saved...

the Exploit Server that is used in some of Web Academy labs?

hi Im new I just want to know when i see the labs one the academy isee the exploit but how can i use the exploit when im testing in bug bounty like most the labs has page of script of exploits