Feature Requests - Page 23 - Burp Suite User Forum

Free Trial

I have raised an request for free trial. I did not get the free trial license

I looked around the Internet and through the forums here. There are some references in the forums here, but I was unable to find any resolution. Is there any way to create a custom hotkey for an action that is not listed...

Issue Report Timestamps

As far as I'm aware, there currently is not a way to append timestamps of when each issue was audited/discovered to each individual issue/result in an Issue Report. The only possible related feature would be the fact that...

Authentication Multi factor lab - 2FA Broken Login

Hi, I've been trying to solve this lab for a while without success. I'm not receiving the 302 Found message for verify=Carlos. Here is the POST message I'm...

Scanner Timestamps

There is a need (I am sure we are not the only ones) to include Timestamps with each scanner result. Having a timestamp included for each result in the scan report would make the found vulnerabilities much easier to trace...

Remember column layout in HTTP history

Hello, I usually move the "Time" column to the left in the Proxy - HTTP history. But burp doesn't remember this. Neither in the stored project, nor in the project options or in the user options. I have to re-arrange this...

Adding an auto response from file feature

Hi, In fiddler, there is a feature called AutoResponder which allows setting a rule for a specific URL. If the rule matches, the file content set in the rule will be provided in the response instead of the original...

Professional version - Project file corrupt issue

I am using professional version but I get an error - "The selected project file appears to be corrupt and can not be opened" can you please help me in identifying what exactly the root cause it.

Save HTTP History TAB to PCAP file

Please add an option to save HTTP History TAB (in Proxy TAB) to PCAP file

Expose class/method/functions of burp extension via rest api in python

I am trying to figure out a way to expose few class/method/functions in python similar to this https://github.com/vmware/burp-rest-api ( java implementation ). Current challenge is how to import classes of extension in...

Completion of all labs

Is there any certificate or shareable document accessible to post on Linkedin or other sites that show my completion of all the labs? Or something that shows I have completed all the apprentice, practitioner, or expert labs?

Extender API for Custom OAST Servers

Collaborator is a great service that has recently had some competition via other OOB tooling in the last few years (interact.sh, canarytokens, etc.) It would be really handy for testing if PortSwigger could add (or...

Burp suite Inspector font change.

Hi team, normally, the Inspector font is not changed in the current version and becomes the default font. Although I have changed the HTTP message font, the "Inspector" font does not change. is this possible in the new...

Tabbed search

I would like to have a single search window and a possibility to perform multiple searches (and leave these open) with a tabbed interface. Preferably with an option in the user options to enable or disable tabbed search....

batch options import/paste

Hey there It would be possible to add a feature to allow batch (via import or just paste) options settings? use case: Need to add lots of domains to the "Intercept Client Requests" option as a intercept if not...

When deploying private burp collaborator, allow ability to add custom DNS records of A type.

Currently as mentioned in the docs: https://portswigger.net/burp/documentation/collaborator/deploying field "customDnsRecords" only allows us to specify optional DNS records of type TXT and CNAME, it makes sense for the...

Burp Scanner - Change Severity to False Positive

I thought I had previously submitted this under a Feature Request user forum, but later wasn't able to find it in any forum, so I'm posting again. If this ends up as a duplicate posting, my apologies. When resetting the...

Feature request regarding Burp's "Turbo Intruder" extension.

Naturally "Turbo Intruder" feels like native feature of Burp proxy. And I've found it strange that we can not specify multiple injection points within a single request. (using "%s" symbol) Kind regards, your fellow...

Using intruder and clusterbomb

I'm not sure what the reason is but when I try and used intruder and clusterbomb the 997 out of 998 of the domains said "INVALID". Is there something I'm doing wrong with the settings?

Maintain selection state

When using any module of burp that has a list of request/response items (so most modules), when you select one (or many) and then perform an action like highlighting, commenting, etc, burp then UNselects anything that was...