Burp Suite User Forum

Login to post

Content Discovery Response Regex Filtering

Since a lot of WAFs will return 200s instead of 404s for not found, can you add a regex option to filter responses found? For example, if the response matches the regex, then drop/ignore it so it doesn't clutter the Site...

Last updated: Oct 09, 2020 11:52AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Add online documentation on IAST

Hi, you have a very nice article on OAST https://portswigger.net/burp/application-security-testing/oast Could you please make something similar with IAST? Since you have Infiltrator, but it doesn't have a proper article,...

Last updated: Oct 09, 2020 10:09AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Response Capture in Repeater would be helpful

Hi, Capturing the responses on the repeater for response modification, Thank you. Regards

Last updated: Oct 08, 2020 01:02PM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Show if a lab requires Burp Suite Pro - PortSwigger Academy

I find it really annoying trying to solve a lab only to look at the solution and discover you need BurpSuite Pro. All I would like is a little icon to show if it requires the pro version - which a lot of beginners who need...

Last updated: Oct 05, 2020 12:57PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Option to enable/disable automatic row shifts in repeater/intruder tabs

This is regarding the issue raised by paul https://forum.portswigger.net/thread/repeater-tab-changes-b9afea531603652 Say current repeater window has 31 tabs as I'm testing an API and each tab is a call. I've named them...

Last updated: Oct 05, 2020 09:27AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Local File Inclusion and Remote code execution request

Good evening portswigger. I recently started learning ethical hacking and bug bounty not too long ago. I have finished the The web application hackers handbook and I'm about half way through your web security academy and I'm...

Last updated: Oct 05, 2020 07:25AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

REST API - Crawl Only

Hi Burp Team, I would like two additional REST API endpoints that support crawl only functionality, mirroring the v2 UI. E.g. /crawl and /crawl/<taskid> Are there any plans to release this functionality in...

Last updated: Oct 02, 2020 09:10AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Decoder - URL and HTML encode special characters only

Can you please add the ability to Decoder to encode the special URL and HTML characters only? The need to do this comes up quite often during application testing. For example, when looking at the first lab of the burp...

Last updated: Oct 01, 2020 11:10AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Pretty with word wrapping support

Hi, I think it would be better if you guys support word-wrap for Pretty feature, since working with JSON, some of the values are long and we have to use horizontal scrollbar, and for copying and dragging, it's really worse...

Last updated: Oct 01, 2020 09:49AM UTC | 3 Agent replies | 3 Community replies | Feature Requests

Target - Sitemap - Highlight branch with color

Dear PortSwigger team, is it possible to include a feature to highlight a branch with a specific color in the Target/Sitemap/ panel? Thank you

Last updated: Sep 25, 2020 10:14AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Renaming Configuration name

Hi, I would love to retain old name of Configuration I chose prior to editing, or being able to set a new one. When I create an Audit configuration like "Audit only parameters", but I want to tweak it on-the-fly (e.g. by...

Last updated: Sep 24, 2020 11:19AM UTC | 3 Agent replies | 2 Community replies | Feature Requests

Intercept Turned On - Requests Not Captured on Proxy But Captured In Http History

Please note that the "Intercept" button is turned on & the Portswigger cert was imported into the browser. When using burp suite, sometimes the requests are not shown in the proxy tab but instead it's captured in the http...

Last updated: Sep 24, 2020 10:27AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Macro editor improvements

Hi, when debugging Macros, I need to remove/re-record macros many times until they are properly fine-tuned. Would it be possible to add enable/disable check-boxes for individual requests in Macro Editor? That would greatly...

Last updated: Sep 22, 2020 02:48PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Duplicate button in upstream proxy

Hi, could you please add "Duplicate" functionality for upstream proxies? Usually most of the destination hosts have identical proxy settings, and right now I need to copy+past everything multiple times. Thanks:)

Last updated: Sep 22, 2020 02:14PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

No more activations allowed for this license.

Dear team, I just migrated from windows laptop to another archlinux laptop, i activated license twice in windows and vm on the host. When i tried to activate burp pro in arch, it showed the issue 'No more activations...

Last updated: Sep 22, 2020 07:44AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Proxy Original Request Vs Edited Request

Love the new split view on the proxy history with the request/response! The drop down to flip between the original and edited though is a pain. Going back through the proxy history for reporting and flipping between these...

Last updated: Sep 21, 2020 04:10PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

highlight strings in modified request

I know that there is a comparer for this, but it would be quite useful if in the same proxy highlight the modified char/bin when you intercept. I want to add that the new selection of modified request makes it...

Last updated: Sep 21, 2020 12:29PM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Save Embedded Browser Settings

Any changes made to the settings of the embedded Chromium browser are reverted when the application is closed. This includes the removal of installed extensions. It would be helpful if the browser settings could be saved...

Last updated: Sep 17, 2020 12:29PM UTC | 4 Agent replies | 3 Community replies | Feature Requests

OAuth authentication

At the moment, burp enterprise does not support Authenticated scanning with OAUTH and SSO. Going forward it is good to have a login sequence recorder to overcome such issues

Last updated: Sep 17, 2020 10:54AM UTC | 7 Agent replies | 9 Community replies | Feature Requests

Beautifier small enhancement

Hello, In the last versions the very good feature of viewing either "pretty" or "raw" in http viewer is very good - thanks for that. small issue there - when using the "pretty" mode than it is being applied on the...

Last updated: Sep 15, 2020 10:19AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Page 3 of 35

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image