Burp Suite User Forum

Showing Current Request with the Last Response from the Macro

When using Intruder/Repeater with "Post Request Macro" and setting "Pass back to the invoking tool:" = "The final response from the macro", Intruder/Repeater only show the pair of "the final request sent by Post Request...

Last updated: Apr 02, 2015 09:06AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Feature Request - intruder/scanner

Hi Team, I am Takeshi Sato from Japan. I am always using burp on my work so I have some feature requests. First request is regarding intruder. When I am using intruder, I often change the payload and I have to change...

Last updated: Apr 01, 2015 10:21PM UTC | 0 Agent replies | 0 Community replies | Feature Requests

Auto start certain Engagement tools

Target > Site map > right click on target URL > Engagement tools: Find comments - should auto start Find scripts - should auto start Find references already does this.

Last updated: Mar 12, 2015 03:52PM UTC | 2 Agent replies | 0 Community replies | Feature Requests

Add tests for SQL injection with Tabs rather than Spaces?

I was working through the Pentester Lab: Web For Pentester (https://www.vulnhub.com/entry/pentester-lab-web-for-pentester,71/) SQL injections, and the Example 2 injection rejects all inputs with spaces in them. Using TAB...

Last updated: Mar 09, 2015 04:15PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Out-of-Scope Requests

The following section: Options > Connections > Out-of-Scope Requests should be moved to Target Scope.

Last updated: Mar 05, 2015 01:58PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Every time the Burp is started, the previous Target - Scope and the Target Filter are reset.

Every time the Burp is started, the previous Target - Scope and the Target Filter are reset.

Last updated: Feb 25, 2015 03:07PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

save state wizard. (Exclude static content, Exclude by file extension)

Hi, result: huge state file. why? huge static web application with few dynamic pages New feature on the save state wizard: Exclude static content / export dynamic content only Exclude by file extension Thanks in...

Last updated: Feb 24, 2015 02:42PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Ability to Add to Scope from Proxy Intercept Tab

I do not believe this is possible today but I would like if there was an option "Add to scope" as one of the options under "Action" when intercepting packets. Thanks!

Last updated: Feb 13, 2015 09:51AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

State Management - Display the current State

During an engagement I will work with and save multiple states. Once I load or save a state I would like Burp to display the current state loaded. I tt would make it easier to manage all the various files. It would also...

Last updated: Feb 13, 2015 09:26AM UTC | 3 Agent replies | 2 Community replies | Feature Requests

PHP extract() vulnerabilities

Please see this post about the risks of using PHP function extract() improperly: http://davidnoren.com/2013/07/03/php-extract-vulnerability/ At the end of the post are a few ideas on how to test for it. Unsure if those...

Last updated: Feb 10, 2015 11:58AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Ability to view the delay of a response in a column (Intruder)

May be very useful while testing for time based injection (sql, command, aso) to see the delay of a response returned by the remote webserver.

Last updated: Feb 05, 2015 04:28PM UTC | 2 Agent replies | 2 Community replies | Feature Requests

Remove duplicates

Scanner > Scan queue > sort by URL. Need a way to right-click and say "Remove Duplicates".

Last updated: Feb 02, 2015 10:39AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Automatically add repeater results to the site map

Hello, It would be nice if an option could be added to automatically add the repeater results to the site map. I work quite a lot with the repeater and it could be nice to have a direct access to search and other...

Last updated: Jan 29, 2015 01:51PM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Ability to edit several rows on parameters viewing tab during editing of intercepted message

Ability to edit several rows (i.e. values/names of several POST parameters) on parameters viewing tab during editing of intercepted message (Proxy module) would helped a lot.

Last updated: Jan 26, 2015 10:04AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Brute Force

It would be nice if the burp pro spider had an option to "brute force" files and check for the most common 100 or so files in each directory. Will

Last updated: Nov 28, 2014 11:15AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

ShellShock

Hi Support, I’m just curious if you’re going to release anything for ShellShock (recent bash vulnerability) detection. Please let me know about your plans. Thanks, David

Last updated: Nov 27, 2014 10:55AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Page 28 of 28

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image