Burp Suite User Forum

Login to post

Burp Intruder Payload Type "File"

I couldn't find an option or even an extension that takes a list of files and uses the file contents in a POST request. This would be very useful to make file upload function tests more efficient. I imagine a new payload...

Last updated: Nov 24, 2022 06:06AM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Expose IScanIssue Requests with Markers

Some scan issues contain marker information in the request/response for easier identification of issue, but there is no way to access these markers through the extender API. The IScanIssue.getHttpMessages() function...

Last updated: Nov 23, 2022 09:50AM UTC | 4 Agent replies | 3 Community replies | Feature Requests

Unable to intercept traffic of mobile application hosted over VPN

Currently facing issues with intercepting the traffic using Burp Suite from a mobile application after whitelisting the public IP address. What is achieved so far: I. Able to intercept the traffic from mobile device’s...

Last updated: Nov 17, 2022 05:23PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Enable logging on the opening screen

Hello! I think that most business users always use logging. Unfortunately sometimes we forget to turn it on under Project Settings / Misc. Could you put a checkbox in the "New project on disk" section of the opening screen...

Last updated: Nov 17, 2022 01:56PM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Persist column order of Proxy -> HTTP history tab in project or user settings

Hi, In Proxy -> HTTP (WebSocket) history tab I can change the order of columns so the columns I want to see goes first (e.g. URL, request time, ...) and others goes after. However this order isn't preserved between Burp...

Last updated: Nov 15, 2022 01:51PM UTC | 4 Agent replies | 3 Community replies | Feature Requests

Reset

Can you reset all my labs expect sql injection and path traversal.

Last updated: Nov 15, 2022 09:23AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Cluster bomb - Username enumeration via account lock

Hi, Currently working on lab "Vulnerabilities in password-based login - Username enumeration via account lock", and after sending cluster bomb attack, there is no length variation for valid account. Even I divided in...

Last updated: Nov 15, 2022 08:33AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

is there any Linux ARM package version of Burpsuite pro?

Hi team, would like to request if it is possible to have a version of Linux ARM/M1 to be used within Linux virtualized using Parallels on MacOS M1/M2 CPU if that could be possible. Current version does not work on this box...

Last updated: Nov 14, 2022 09:22AM UTC | 3 Agent replies | 2 Community replies | Feature Requests

Dark Mode for Web Security Academy

As a learner we have to spend a lot of time spending time reading on Web Security Academy. Therefore, it would be very convenient if we had an option of dark mode too.

Last updated: Nov 14, 2022 08:57AM UTC | 2 Agent replies | 2 Community replies | Feature Requests

Regarding Java version

Hi, Recently we are seeing nessus vulnerability issue regarding the oracle java version as below: Plugins: 166316 Oracle Java SE Multiple Vulnerabilities (October 2022 CPU). "<plugin_output> Path :...

Last updated: Nov 11, 2022 03:08PM UTC | 7 Agent replies | 6 Community replies | Feature Requests

How does Burp Suite Enterprise choose when two configuration files conflict?

Hi, Team: We can upload more than two configuration files for a site in Burp Suite Enterprise (Settings > Configuration). but how does Burp Suite Enterprise choose when two configuration files conflict? The A...

Last updated: Nov 09, 2022 10:21AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Content Discovery Improvements

Hi, I raised this issue a year or two back (don't recall the outcome, but it is not yet a feature)and wanted to raise it and one other again. The Content Discovery feature produces too much noise in its default...

Last updated: Nov 08, 2022 12:58PM UTC | 2 Agent replies | 0 Community replies | Feature Requests

Multiple Extensions enabled on a single click

A user by selecting multiple plugins from the list can be enabled using a single click without each extension opening a separate widow. Include a separate tab to show which extensions did not load and their respective...

Last updated: Nov 08, 2022 12:26PM UTC | 2 Agent replies | 0 Community replies | Feature Requests

Selection on Inspector

When selecting text on repeater, on inspector it shows the number of bytes. It would be helpfull to see the number of bytes also in Dec but also in Hex. In particular when performing http smuggling attacks (transfer...

Last updated: Nov 08, 2022 11:50AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Burp Collaborator Mobile App

Dreamtime / blue sky request :-D Sometimes I'm in a situation where burp is installed on a machine that's not internet connected, but I'd still like to use the collaborator. It would be awesome if there could be a mobile...

Last updated: Nov 08, 2022 10:36AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

License Installation Limit

Hello, I have reached my license limit. I have activated the license in several VMs on my personal computer. If possible I'd require an additional activation.

Last updated: Nov 08, 2022 07:49AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Account 2FA BYPASS

Can anyone tell me how to bypass mega account recovery key it is important to me it has 10 bitcoin in it whoever securely bypass it I give 2 bitcoin to it.

Last updated: Nov 01, 2022 01:09PM UTC | 0 Agent replies | 0 Community replies | Feature Requests

QUIC protocol support

Hello. Is there any future support for quic packet capture in Burp Suite Professional, and if so, when will it be available?

Last updated: Oct 31, 2022 12:09PM UTC | 2 Agent replies | 2 Community replies | Feature Requests

Burp Collaborator question

hi, Does Burp Suite Enterprise Edition support the use of a private Burp Collaborator? and how could it be used? thanks!

Last updated: Oct 28, 2022 01:33PM UTC | 5 Agent replies | 6 Community replies | Feature Requests

Providing UDP source ports in Burp Collaborator

Is it possible to provide UDP source ports of DNS queries via the IBurpCollaboratorInteraction interface? This would allow to easily analyze the randomness of used source ports, which makes it possible to find...

Last updated: Oct 28, 2022 12:52PM UTC | 4 Agent replies | 8 Community replies | Feature Requests

Page 1 of 53

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image