Burp Suite User Forum

Login to post

Websockets API support

I'm running into wss more as we see the shift towards single page, media rich applications. As such, I often find the need to implement custom deserialization of binary websockets messages. It would be helpful if I could...

Last updated: Dec 14, 2020 09:32AM UTC | 5 Agent replies | 17 Community replies | Feature Requests

Burp Chromium Browser Integration Improvements

Dear Portswigger Team, it would maybe be useful to have the (optional) feature to add the target scope URLs (basic) to the Chromium Web Browser as bookmarks espacially for each project. Opening a project with one URL in...

Last updated: Dec 11, 2020 02:11PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Inspector Ease of Use

Hi Portswigger Team, Could you please add ease-of-use improvements to the Inspector utility? In particular, it would be helpful to: - mark multiple request headers / parameters (with Ctrl key) and remove them at the...

Last updated: Dec 10, 2020 02:54PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Limitations for recorded login sequences

Hi Support, We are in need of testing a web application that relies on google sso pop up, and as you wrote "Burp Scanner is currently unable to replay login sequences that rely on popups or <iframe> elements." there is a...

Last updated: Dec 10, 2020 12:37PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Burp Start

Hi, Target Scope should be prompted once the user opens the burp suite so that we can configure automatically our target scope upon start up.

Last updated: Dec 08, 2020 10:07AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

API Scanning

Hi Team, I am unable to find configurations for API scanning I think its not available for trial version. Can you please look into this ? Many Thanks

Last updated: Dec 07, 2020 02:17PM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Live passive crawl misses some information about HTML forms

Hello, the "Form submission" feature of passive crawling misses two features when adding to the site map: - it doesn't log the parameter names and values defined in HTML forms - it doesn't set the HTTP method (i.e. use...

Last updated: Dec 07, 2020 11:58AM UTC | 2 Agent replies | 2 Community replies | Feature Requests

Match & Replace for In-Scope Only

Hey, So I've been using Burp Suite, like usual, and suddenly, while testing, I noticed that my match & replace rules I've created are affecting out-of-scope domains, which makes a huge mess in the whole application, instead...

Last updated: Dec 07, 2020 08:35AM UTC | 3 Agent replies | 2 Community replies | Feature Requests

Need Rest apis to add a scanning feature on my website.

Hello, As you scan webapps to get vulnerability. I also want to add similar feature on my website. So do you provide REST apis for it?

Last updated: Dec 04, 2020 12:22PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Make it possible to filter only 404 (Not Found)

On different places you are able to filter your results. Also for status code like "4xx". But in many cases you want to see results like 403 or 401 but not 404.

Last updated: Dec 03, 2020 06:18PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Have a "V" Mark on Automatically Edited Requests or Responses

When I use Match & Replace, I don't see a "V" mark in the "Edited" column for requests or responses that were indeed automatically edited. I'm not sure if this is a bug or a feature request, but it'd be great to have...

Last updated: Dec 03, 2020 05:06PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Prompt before loading large responses

I frequently see large javascript responses exceeding 3MB. When I click on one of these, my instance of Burp freezes for around 20 seconds. Sometimes this click is accidental, or sometimes I simply don't notice the size of...

Last updated: Dec 03, 2020 11:32AM UTC | 4 Agent replies | 6 Community replies | Feature Requests

how we can capture API activity through a webpage scan.

We are Scanning a webpage and it contains both Web elements and API, When we do scan and Crawling tool is able to Parse the API's and we are not able to see any kind of request and response related to API. Please...

Last updated: Dec 03, 2020 11:24AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Match & Replace for Websockets

I know there was a post about it a few years ago, but I want to suggest this again: Match & Replace for Websockets. I know I can send them to the repeater and change from there, but I'm testing an application that has a...

Last updated: Dec 03, 2020 11:07AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Save Intruder Tabs on Close

Please provide ability to save Intruder tabs along with target, positions, payloads and options when Burp is closed. Currently Repeater tabs are saved but Intruder are not. When working on a long project for web...

Last updated: Dec 02, 2020 03:02PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Skip fields named 'password' by default in Active Scans

During a test where a username and password was passed in for every request to a web-service, I noted that it seemed reasonable to skip fields named 'password' by default in active scans. I added that to a comprehensive...

Last updated: Dec 02, 2020 09:17AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Proxy JS File Support

Working on-site sometimes we require to set upstream proxy servers to a JS file which switches the specific proxy/server to connect to based on the destination IP address. Support for this file format would be useful in...

Last updated: Dec 01, 2020 03:29PM UTC | 5 Agent replies | 1 Community replies | Feature Requests

Highlight built-in browser's traffic in Proxy History

It would be great if you can show requests made by Burp's built-in browser in a different colour to those requests generated by an external browser pointing at Burp. This would be really useful for when you are testing...

Last updated: Dec 01, 2020 02:27PM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Increase distinction between application tabs and Repeater etc. tabs

Prior to the new UI, there was a gap of ~5 pixels between the main Burp tabs (Repeater, Intruder, etc.) and the tabs for an individual component, and the current tab was highlighted a different colour. In the new UI there is...

Last updated: Nov 30, 2020 03:49PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Hide From Proxy - Right-Click Option

It would be extremely useful to have a right-click option of 'Prevent Burp From Proxying' that could auto-regex a domain and remove it from showing up in proxy history (or any other tools). When testing a site with...

Last updated: Nov 30, 2020 03:20PM UTC | 3 Agent replies | 3 Community replies | Feature Requests

Page 4 of 38

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image