Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Burp Enterprise advanced URL control

I'm currently trialling burp enterprise at the BBC and am struggling with scoping a scan because I can't use regexs in the advanced URL control for a site. The BBC is heavily TLD oriented so trying to scan /iPlayer means...

Last updated: Jul 10, 2020 01:09PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

automatically install new updates

It would be nice to have a real auto update that does not require to manually launch the installer and clean up dmg files.

Last updated: Jul 09, 2020 12:49PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Automatic Tab Naming in Repeater and Intruder

When sending a request from the proxy to Repeater or Intruder, if a comment exists, include that in the tab name in Repeater or Intruder. For example, I'm in Proxy and am looking at my initial auth request. I enter the...

Last updated: Jul 08, 2020 11:28AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Generate CSRF Poc

Hi, PortSwigger Team, Burp produces CSRF Poc, Support json request csrf poc?

Last updated: Jul 08, 2020 08:44AM UTC | 2 Agent replies | 2 Community replies | Feature Requests

Double click for parameter selection

Hello, Until recently, Burp Suite had a very useful feature that allowed the selection of the entire parameter name of value with a double click. Since a few updates ago, this was removed, with Burp Suite now behaving...

Last updated: Jul 03, 2020 01:03PM UTC | 1 Agent replies | 2 Community replies | Feature Requests

REST API | output all results when scanning same URL second time

Hi, I've been playing with the rest API, and found that when you audit the same url twice, the results from the first audit are not included in the results of the second audit. This is highly annoying obviously, as...

Last updated: Jul 03, 2020 10:35AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Intruder Filter - add "other"/"unknown"/"missing" Filter by status code

When I run Intruder, and I see "Error" in the results, because no response is sent by the server, I can't filter out such items by HTTP code (because there is none). Similar to filtering 2xx, 3xx, 4xx, 5xx could you add 1...

Last updated: Jun 26, 2020 02:02PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

NVIDIA CUDA

Is it possible to add GPU accelerated scanning? It slows to a crawl when actively scanning a website, with CPU being maxed out. Thought if a powerful GPU is used, it would cut down on the time it needs to analyse the site...

Last updated: Jun 24, 2020 10:52AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Add the path requested in repeater in the target sitemap

Hello, Me and some other people find kinda annoying that the request sent in repeater are not added to the target sitemap. It would be super useful that it does or at least have the option to enable that. Thanks

Last updated: Jun 24, 2020 09:47AM UTC | 2 Agent replies | 2 Community replies | Feature Requests

Search field in Comparer and Order switch

Hello, It would be great to have a Searchfied in both Comparer windows and to be able switch the comparing priority between the 2 requests/responses on Comparer result window. thx

Last updated: Jun 22, 2020 01:17PM UTC | 2 Agent replies | 2 Community replies | Feature Requests

I want to ask before buying the key burpsuite pro

I want to ask before buying the key burpsuite pro. copyright is attached to email or device, because I often have to change the use between my laptop at work and my home computer? You can support me, you sympathize because...

Last updated: Jun 22, 2020 07:32AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

I want to ask before buying the key burpsuite pro

I want to ask before buying the key burpsuite pro. copyright is attached to email or device, because I often have to change the use between my laptop at work and my home computer? You can support me, you sympathize because...

Last updated: Jun 22, 2020 07:32AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Information

What have you added to burpsuite as an alternative to spider?

Last updated: Jun 19, 2020 07:07AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Extending REST API functionality

Dear PortSwigger, We are doing pentests for our customers and we would are now developing some web interface in which we can feed urls and send them to to Burp REST API. We think that the API should and needs to be...

Last updated: Jun 17, 2020 08:07AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Display more information to Cookie jar viewer

Hi, when I open cookie jar (and/or edit cookie), I would like to see all possible information about cookies. This would include a presence of HTTPonly, SameSite, or Secure flags. At the moment, it's not present there. Would...

Last updated: Jun 16, 2020 08:52AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Session Tracking for non-Cookie based apps

The Macro editor and session tracking features only seem to allow for updating of Cookie Values through a macro when a session becomes invalid. I have an app that utilizes an Authorization header with a JWT as its value to...

Last updated: Jun 10, 2020 07:18PM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Repeater used to show response time in ms. Now it shows byte size?

Byte size is not helpful since I can see response length in the message editor. How can I switch back to showing response time in Repeater in the bottom right-hand corner?

Last updated: Jun 10, 2020 09:47AM UTC | 5 Agent replies | 2 Community replies | Feature Requests

Lab: Basic clickjacking with CSRF token protection

Hi, I was working on Lab: Basic clickjacking with CSRF token protection and accidentally deleted Carlos account. Will you be able to reinstate Carlos's account for this lab exercise pls? Thank you....

Last updated: Jun 08, 2020 04:37PM UTC | 1 Agent replies | 2 Community replies | Feature Requests

Modified Requests and Responses in Repeater & Intruders

Hi, When we override processProxyMessage(), the modified requests and responses are logged in Burp. However, if we override processHttpMessage(): - Request: Only the initial unmodified request is logged - Response:...

Last updated: Jun 08, 2020 10:57AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Response Time Column in Intruder?

Hello, I like to see response time and as I know I can't display it as a column in Intruder. Is there a way to do it? If not do you plan to add this feature soon? Thank you

Last updated: Jun 03, 2020 10:12AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

36 37
38
39 40

Page 38 of 64

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image