Burp Suite User Forum

Create new post

Dark Mode for Web Security Academy

As a learner we have to spend a lot of time spending time reading on Web Security Academy. Therefore, it would be very convenient if we had an option of dark mode too.

Last updated: Mar 18, 2024 11:03AM UTC | 19 Agent replies | 28 Community replies | Feature Requests

Support global variables

There are extensions that have some support for variables, but they seem like overkill for handling only variables. I can also achieve some of this with Session Handling Rules in Proxy Options, but it is not as easy when...

Last updated: Mar 16, 2024 12:46AM UTC | 1 Agent replies | 2 Community replies | Feature Requests

Vulnerable Javascript Dependency

I need to inform that Burpsuite was not able to find the Momentjs vulnerability related to CVE-2022-31129 and CVE-2022-24785 in scans. Let me know if the said signatures are added in the burpsuite (in which versions). Need...

Last updated: Mar 14, 2024 11:18AM UTC | 2 Agent replies | 2 Community replies | Feature Requests

Proxy Original Request Vs Edited Request

Love the new split view on the proxy history with the request/response! The drop down to flip between the original and edited though is a pain. Going back through the proxy history for reporting and flipping between these...

Last updated: Mar 14, 2024 11:08AM UTC | 8 Agent replies | 8 Community replies | Feature Requests

Re-run specific Scanner Checks

It would be great to be able to re-run specific scanner checks to check to see if a finding was indeed fixed or not. I realize that most Scanner finding can simply be sent to the repeater and done that way, however, at...

Last updated: Mar 14, 2024 10:41AM UTC | 5 Agent replies | 5 Community replies | Feature Requests

Option to make "Auto-modified request" the default view option in HTTP history

I'd like to be able to set Burp's default behavior to always show the "Auto-modified" request and response in the HTTP history tab. Thank you.

Last updated: Mar 13, 2024 02:51PM UTC | 4 Agent replies | 3 Community replies | Feature Requests

Request Length in Proxy History

Hello, Are there any plans to make the Request lengths visible in Proxy history? When looking at a series of requests to the same endpoint, you can currently see the Response lengths listed under "Length", but...

Last updated: Mar 13, 2024 10:31AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Persist column order of Proxy -> HTTP history tab in project or user settings

Hi, In Proxy -> HTTP (WebSocket) history tab I can change the order of columns so the columns I want to see goes first (e.g. URL, request time, ...) and others goes after. However this order isn't preserved between Burp...

Last updated: Mar 13, 2024 07:47AM UTC | 8 Agent replies | 7 Community replies | Feature Requests

Use Bambdas to filter based on Original request instead of Modified request

A typical usage pattern for me in application testing is that I will write python scripts to automate various attacks against endpoints &c. What I want to do is add a header each request of the form "Script-Name:...

Last updated: Mar 12, 2024 02:09PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Open Pro file using Community Edition

Is it possible to open a .burp file, in the Community Edition, that was created via Burp Suite Pro?

Last updated: Mar 08, 2024 10:33AM UTC | 1 Agent replies | 1 Community replies | Feature Requests

ShortCut key APIs and Feature

Hi Team, I would like to recommend adding a feature to the APIs as well as to BurpSuite. For example, if I have selected a specific value in the request/response editor and I want to decode it, I have to open the menu...

Last updated: Mar 05, 2024 11:33AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

DOM Manipulation, DOM Checking

Dear Burp Suite Team, I'm interested in developing a Burp extension focused on analyzing elements within the DOM as they load. Currently, I've observed there isn't a built-in functionality within Burp Suite for directly...

Last updated: Mar 04, 2024 04:41PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Compare Prettified Requests / Responses

Minified HTML responses are extremely difficult to compare. When trying to compare two 100k byte responses that are in a single line, I either have to use a different tool or give up entirely. My request is, when a...

Last updated: Mar 04, 2024 01:39PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Academy Learning Material and Labs Reset

Hi Team, Could you please reset my academy learning materials as well as my Labs? Thank You.

Last updated: Mar 01, 2024 10:54AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

HTTP history column preferences

Hello, First off this is a truly awesome product, keep up the great work! I was wondering if there was a way to save the preferences of column order view in the HTTP history tab under Proxy. I often like to drag the...

Last updated: Mar 01, 2024 08:35AM UTC | 9 Agent replies | 21 Community replies | Feature Requests

Cannot adjust severity ratings for Burp Enterprise

I am unable to find a way in the UI to change the severity ratings. It would be beneficial to have a way to adjust a rating depending on the validation of a finding manually.

Last updated: Feb 27, 2024 03:25PM UTC | 9 Agent replies | 8 Community replies | Feature Requests

Burp Suite Enterprise -- Metadata/Tags/key-value store for sites

We would like to add tags to the sites we're scanning with Burp Suite Enterprise, something that helps us integrate with BI and Vulnerability Management solutions to relate a site to different lines of business, clients,...

Last updated: Feb 26, 2024 10:05AM UTC | 1 Agent replies | 6 Community replies | Feature Requests

Burp Enterprise, disable Http/2 requests configuration option

Hello, I've been in discussion with support via email already but wanted to post this here. We have a situation where burp is identifying the application we are scanning uses Http/2 when in actuality, it doesn't and it...

Last updated: Feb 23, 2024 11:07AM UTC | 4 Agent replies | 4 Community replies | Feature Requests

Platform Authentication settings: allow multiple entries with same host

For the moment only one Platform authentication entry is allowed per destination host. If the user tries to set up a second entry that has the same destination host, Burp will not allow it. However, it is useful during...

Last updated: Feb 23, 2024 09:07AM UTC | 3 Agent replies | 2 Community replies | Feature Requests

Some Suggestion About Extension

Wish extensions API can do those thing: 1. encoding function for inspector 2. highlight text in Message Editor by passing multi ranges 3. get error message if HTTP request error (timeout or other error) 4. Intruder...

Last updated: Jan 12, 2024 04:45PM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Page 2 of 63

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image