Burp Suite User Forum

Login to post

Response Time Column in Intruder?

Hello, I like to see response time and as I know I can't display it as a column in Intruder. Is there a way to do it? If not do you plan to add this feature soon? Thank you

Last updated: Jun 17, 2020 05:47PM UTC | 3 Agent replies | 2 Community replies | Feature Requests

Extending REST API functionality

Dear PortSwigger, We are doing pentests for our customers and we would are now developing some web interface in which we can feed urls and send them to to Burp REST API. We think that the API should and needs to be...

Last updated: Jun 17, 2020 08:07AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Ability to view the delay of a response in a column (Intruder)

May be very useful while testing for time based injection (sql, command, aso) to see the delay of a response returned by the remote webserver.

Last updated: Jun 16, 2020 12:17PM UTC | 3 Agent replies | 3 Community replies | Feature Requests

Display more information to Cookie jar viewer

Hi, when I open cookie jar (and/or edit cookie), I would like to see all possible information about cookies. This would include a presence of HTTPonly, SameSite, or Secure flags. At the moment, it's not present there. Would...

Last updated: Jun 16, 2020 08:52AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Session Tracking for non-Cookie based apps

The Macro editor and session tracking features only seem to allow for updating of Cookie Values through a macro when a session becomes invalid. I have an app that utilizes an Authorization header with a JWT as its value to...

Last updated: Jun 10, 2020 07:18PM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Repeater used to show response time in ms. Now it shows byte size?

Byte size is not helpful since I can see response length in the message editor. How can I switch back to showing response time in Repeater in the bottom right-hand corner?

Last updated: Jun 10, 2020 09:47AM UTC | 5 Agent replies | 2 Community replies | Feature Requests

Persist column order of Proxy -> HTTP history tab in project or user settings

Hi, In Proxy -> HTTP (WebSocket) history tab I can change the order of columns so the columns I want to see goes first (e.g. URL, request time, ...) and others goes after. However this order isn't preserved between Burp...

Last updated: Jun 10, 2020 08:00AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Side-by-side View

Hi! Currently, displaying a request+response pair side-by-side is only possible in Repeater ("Repeater -> View -> Left/right split" from the menu bar) or via extensions like Flow or Logger++. I use this layout a lot and...

Last updated: Jun 09, 2020 09:43PM UTC | 3 Agent replies | 11 Community replies | Feature Requests

Filter - Hide Items Excluded from Scope

Hello! I just want to start by saying Burp Suite is fantastic, and there is no other tool I would rather use to proxy my Web Application Testing with. I was thinking how it might be nice to have the option to Hide items...

Last updated: Jun 09, 2020 09:58AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Lab: Basic clickjacking with CSRF token protection

Hi, I was working on Lab: Basic clickjacking with CSRF token protection and accidentally deleted Carlos account. Will you be able to reinstate Carlos's account for this lab exercise pls? Thank you....

Last updated: Jun 08, 2020 04:37PM UTC | 1 Agent replies | 2 Community replies | Feature Requests

Viewstate parser

Hi, In recent versions of Burp (As of v2020-03), the ViewState parser seems missing from the message editor view. This parser was a huge help during testing as it facilitated easy decoding and identifying viewstate...

Last updated: Jun 08, 2020 03:42PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Modified Requests and Responses in Repeater & Intruders

Hi, When we override processProxyMessage(), the modified requests and responses are logged in Burp. However, if we override processHttpMessage(): - Request: Only the initial unmodified request is logged - Response:...

Last updated: Jun 08, 2020 10:57AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Response Time Column in Intruder?

Hello, I like to see response time and as I know I can't display it as a column in Intruder. Is there a way to do it? If not do you plan to add this feature soon? Thank you

Last updated: Jun 03, 2020 10:12AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Devis pour Burp Enterprise

Bonjour, Nous souhaitons avoir un devis pour la solution Burp Enterprise OnPremise pour 5, 10, 15 et 20 agents ? Nous utilisons déjà les versions "Professional" de Burp et aimerions avoir un prix remisé. M. Madlon

Last updated: May 27, 2020 10:37AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Burp Enterprise and Extensions support

Hi, does the Burp Enterprise support extensions (from BApp store)? Or is this support in development roadmap? thanks pavel

Last updated: May 26, 2020 02:52PM UTC | 5 Agent replies | 5 Community replies | Feature Requests

Left/Right Split view on HTTP History

Team, I am requesting Left/Right Split view of Request and Response on HTTP History as like Repeater. Its would be very useful for search and comparison. Thanks in Advance.

Last updated: May 26, 2020 01:47PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Cannot adjust severity ratings for Burp Enterprise

I am unable to find a way in the UI to change the severity ratings. It would be beneficial to have a way to adjust a rating depending on the validation of a finding manually.

Last updated: May 22, 2020 07:32AM UTC | 3 Agent replies | 2 Community replies | Feature Requests

Adding list of content types to Intruder lists

Hi, it would be perfect, if there was an official "list" of content types, which I could use in Burp Intruder for finding file upload related vulnerabilities:) Would it be possible to compile such list and simply add it...

Last updated: May 20, 2020 02:50PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Copy prettified JavaScript/JSON?

Hi, is it somehow possible in the new burp version (using Burp Pro 2020.4.1) to copy&paste the prettified JavaScript/JSON contents and not the un-prettified one to the clipboard? Would make reporting a bit nicer and more...

Last updated: May 19, 2020 01:59PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

match and replace for the websocket

Possible to add a match and replace for the websockets? Someone made a plugin for it in the past, but isnt working anymore.

Last updated: May 19, 2020 12:29PM UTC | 3 Agent replies | 4 Community replies | Feature Requests

Page 2 of 31

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image