Burp Suite User Forum

Login to post

Graphql - need one more field for issues_type

Hello, I'm trying to pull all issues for a site and can get all I need from the following call but am missing one essential field, the severity. Can this be added? query GetScanIssues { scan(id: 30) { id ...

Last updated: Aug 05, 2021 03:07AM UTC | 2 Agent replies | 2 Community replies | Feature Requests

En-/disable interception from browser

Hi guys! Would it be possible to develop a browser extension, which allows controlling the interception? Thanks!

Last updated: Aug 03, 2021 10:37AM UTC | 3 Agent replies | 2 Community replies | Feature Requests

[Burp Enterprise] Add issues as subtask for a site

It would be great to have the option of grouping issues of a site under the same "main task" and add the issues as Subtasks to that main task instead of getting new tasks for every new finding.

Last updated: Aug 02, 2021 03:59PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

User-defined shortcuts for extensions

Hi guys! Not sure if this is possible, but it would be very useful to be able to define keyboard shortcuts for extensions. Thanks!

Last updated: Aug 02, 2021 08:47AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Filter for HTTP verbs in search

Hi guys! I was thinking that it might be useful to be able to filter searches for HTTP verbs (e.g., only POST, only GET, etc.). Thanks!

Last updated: Jul 29, 2021 08:13AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Collaborator server catching specific ports

Hi, I'm not sure if it would be technically feasible, but would it be possible for the Collaborator server capture which port (UDP/TCP) was tried to be used? I mean if I simply do ssh XXX.burpcollaborator.net I receive only...

Last updated: Jul 28, 2021 08:10AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

CICD SARIF Output

The generic driver can already be wrapped by a Github action and be made to kick off scans on repo push or other events. However the current output options are not developer friendly in that it requires digging on their...

Last updated: Jul 27, 2021 03:04PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Ability to view the delay of a response in a column (Intruder)

May be very useful while testing for time based injection (sql, command, aso) to see the delay of a response returned by the remote webserver.

Last updated: Jul 26, 2021 12:41PM UTC | 6 Agent replies | 8 Community replies | Feature Requests

Hiding "non-interesting" headers in requests

Hi, Creating PoC pictures from Burp properly takes some effort to minimize requests (I know, there is extension for it). Also, on smaller screens (e.g. laptop), one sees the same headers over and over again, which for all...

Last updated: Jul 26, 2021 08:50AM UTC | 2 Agent replies | 0 Community replies | Feature Requests

parameter enumeration in DOM Invader

Hello Can you add support for client-side parameter enumeration? An example extension takes a list of parameters from the user Then you modify it to be added in the url After that, an iframe is created inside the page,...

Last updated: Jul 23, 2021 02:14PM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Hotkeys - pause/resume all tasks

Hi, would it be possible to add a Hotkey "Toggle task execution" or something like that? We have Toggle Intercept on/off; but for "Resume task processing"/"Pause all tasks" I'm unable to find hotkey in User options -> Misc...

Last updated: Jul 23, 2021 01:29PM UTC | 2 Agent replies | 0 Community replies | Feature Requests

Gaming accessories

Gaming accessories - USA retailer of Cases, Screen protectors and other accessories for your Microsoft Xbox One S Controller & XBox 360. https://fommy.com/collections/gaming-accessories

Last updated: Jul 23, 2021 01:21PM UTC | 0 Agent replies | 0 Community replies | Feature Requests

Add HTTP Method as a value to the filter scope

The current scope dialog uses protocol, host/ip, port and file as a filter, however, there are times when it would be useful to filter on HTTP method too. For example when working with a RESTful interface that uses the...

Last updated: Jul 23, 2021 07:48AM UTC | 5 Agent replies | 5 Community replies | Feature Requests

Possibility to add comment for false positives

Hi, In Burp-Suite Enterprise, I think it would be interesting to have the possibility to enter a comment when we mark as false-positive an issue so that we can justify why we mark as false-positive this issue. Kind...

Last updated: Jul 22, 2021 10:45AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Collaborator - Could Timestamp include milliseconds?

A minor but really helpful feature request would be to have Collaborator display the timestamp with milliseconds that the request was received, when requests are received very rapidly (e.g. DNS + HTTP) it is sometimes...

Last updated: Jul 21, 2021 02:23PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

lab can't shows solved

When I solve labs they are not showing as solved when I redirect to the learning page.

Last updated: Jul 20, 2021 08:38AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Burp Suite Enterprise - SAML Authentication Issues

Hello Team, We have enabled SAML authentication for our Burp Suite setup, but we observed that burp suite does not verify user identity or display the user details on UI post login with SAML. There is no capability to manage...

Last updated: Jul 20, 2021 08:08AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Follow HTTP stream in proxy history and better relationship visualisation

Hi, Ok, let me start by saying I don't even know how to describe what I am requesting but in a nutshell It would be something similar to the "follow TCP stream" in Wireshark or the Maltego relationship...

Last updated: Jul 19, 2021 12:46PM UTC | 2 Agent replies | 2 Community replies | Feature Requests

Documentation of the BURP rest API

Hi, We would like to obtain the documentation of the rest API for burp suite pro. At the moment we use third party website to figure out the possible calls. For example, using the /v0.1/scan endpoint with a URL...

Last updated: Jul 16, 2021 09:01AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Burp Suite Enterprise vs Pro scanner feature differences

Good morning, While testing both Burp Suite Enterprise and Pro versions, a question arose. If you look at the Scanner function of the Enterprise or Pro version, I know that both perform vulnerability checks based on...

Last updated: Jul 14, 2021 10:37AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Page 4 of 45

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image