Burp Suite User Forum
Often while working on web apps I like to review traffic with intercept turned on just to get an idea of the flow. It would be very slick if I could highlight and notate traffic right from the intercept panel so that when I...
It would be helpful to be able to quick switch between projects once burp is open. As it is today, I have to: 1. close burp 2. reopen it and wait for it to load 3. select project from "Open existing project"...
While performing a scan some issues that are identified are a false positive, which I can manually identify as such. It would be helpful if I can also identify to the Burp Scanner what specifically in the response that...
Hey there, I am going with the flow in PortSwigger Academy. I finished up Broken access control with all labs, but the learning material progress is stuck at 0%. What could be the possible solution for the same? Regards
Hello, Would it be possible if burp lists the libraries that it uses (like bouncycastle, nimbus, fasterxml, etc) in the release notes. This would allow extensions to use the version already provided in burp, instead of...
Hi, I just want to know how many concurrent scans we can run with Burp Suite Pro?
Hi there, After running several intruder attacks and saving it to the project file it's really difficult to identify what each attack is without having to open it. It would be great if you could name them or mark them up...
My idea is to dynamically call other checks through one check for further processing. The first check can hit sensitive information, and then call another bchecks file for further inspection. I don’t know if you can...
When Burp performs DOM-based scanning, is it possible to utilize the API to extend the scanning to identify custom issues? For example, looking for the presence of certain content in the built DOM?
Burp Chromium with dark mode
Earlier there was a "Delete Account" feature using which you could easily delete an account. But now it seems that user has to email support for deletion of his own account. Why the change?
Is there a function like readFile for iterative list run for each: variable_name = "variable value 1", "variable value 2", etc. run for each: variable_name = {readFile("/tmp/payload.txt")}
The generic driver can already be wrapped by a Github action and be made to kick off scans on repo push or other events. However the current output options are not developer friendly in that it requires digging on their...
Hello, I'm solving the XSS labs and the alert fires as the solution explains but the 'congratulation you solved the lab' does not appear at all.
Hi there! I would absolutely love to see a feature in future releases that allows us to save the window configuration (the tab layout, the layout in the target tab, dashboard, etc) with the Burp file. Would be neat!
I frequently see large javascript responses exceeding 3MB. When I click on one of these, my instance of Burp freezes for around 20 seconds. Sometimes this click is accidental, or sometimes I simply don't notice the size of...
I tend to have difficulties reading and obtaining the information simultaneously. Is there a chance to get a service, to press a "speaker-button", and it then proceeds to read out loud what is displayed within an explanation...
Link: https://portswigger.net/web-security/cross-site-scripting/dom-based/lab-document-write-sink Solution: "><svg onload=alert(1)> Why does this solution not work? My solution: "><img onload=alert(1)>
Hi PortSwigger Team! First I want to say thanks for all the material you have created for us to learn Web Security and for creating the new labs on GraphQL API testing. I want to share some feature requests I had...
Hey team, I found this post: https://forum.portswigger.net/thread/cannot-log-traffic-to-file-from-websockets-59fdeace and just wanted to join the chorus requesting that we be able to have the ability to log/export...