Feature Requests - Page 11 - Burp Suite User Forum

click tester

How do right-click tests assess the effectiveness of context-sensitive options and improve user interactions

Burp Collaborator Support for Proxy Protocol

When a private Burp Collaborator server is deployed behind a load balancer, for example, in a Kubernetes cluster, the source IP address of requests displayed in Burp will be the IP address of the load balancer rather than...

Burp Suite Data Sheet

Please provide the Burp Suite Features/Data Sheet

'Name/Rename' Burp Intruder saved attacks

Hi, It can be the case that pentesters would run many intruder attacks for different reasons, and it could be quite helpful if there is an option to 'name' the performed attacks - same as what one might do in the...

Extend BCheck Capabality

Adding BChecks was a great move by PortSwigger, however I feel they're missing a huge use case. Right now they're used as a scanning routine, across the app, with all checks. However to extend the massively would be to scan...

I accidentally closed the "examify" tab.

Hi im now cert exam. I accidentally closed the "examify" tab. i cant reopen help me pls.

Highlight Intercepted Requests

Often while working on web apps I like to review traffic with intercept turned on just to get an idea of the flow. It would be very slick if I could highlight and notate traffic right from the intercept panel so that when I...

Quick switch between projects

It would be helpful to be able to quick switch between projects once burp is open. As it is today, I have to: 1. close burp 2. reopen it and wait for it to load 3. select project from "Open existing project"...

Identify False Positives for Scanner

While performing a scan some issues that are identified are a false positive, which I can manually identify as such. It would be helpful if I can also identify to the Burp Scanner what specifically in the response that...

Progress not increasing

Hey there, I am going with flow in portswigger academy I finished up Broken access control with all labs but the learning material progress is stuck at 0%. What could be the possible solution for the same ?. Regards

Libraries

Hello, Would it be possible if burp lists the libraries that it uses (like bouncycastle, nimbus, fasterxml, etc) in the release notes. This would allow extensions to use the version already provided in burp, instead of...

Can't intercept flutter application using burpsuite

Hi Team, We are not able to intercept the flutter Application traffic in burp-suite. Questions: I) Is it possible to intercept traffic using? II) How can i intercept traffic using burp?

Concurrent Scans

Hi, I just want to know that, how many concurrent scans can we run with Buprsuite pro?

Ability to name save Intruder attacks to project file

Hi there, After running several intruder attacks and saving it to the project file it's really difficult to identify what each attack is without having to open it. It would be great if you could name them or mark them up...

Can BChecks call the specified check module?

My idea is to dynamically call other checks through one check for further processing The first check can hit sensitive information, and then call another bchecks file for further inspection. I don’t know if you can...

Burp Extension/API DOM Checks

When Burp performs DOM-based scanning, is it possible to utilize the API to extend the scanning to identify custom issues? For example, looking for the presence of certain content in the built DOM?

burp chromuim with dark mode

Where did the "Delete Account" feature go?

Earlier there was a "Delete Account" feature using which you could easily delete an account. But now it seems that user has to email support for deletion of his own account. Why the change?

BCheck Can an iterated list be read from a file ？

Is there a function like readFile for iterative list run for each: variable_name = "variable value 1", "variable value 2", etc. run for each: variable_name = {readFile("/tmp/payload.txt")}

CICD SARIF Output

The generic driver can already be wrapped by a Github action and be made to kick off scans on repo push or other events. However the current output options are not developer friendly in that it requires digging on their...