Burp Suite User Forum

Login to post

Save All Repeater Tabs in State File

See bug report here for context: https://support.portswigger.net/customer/portal/questions/11548096-not-all-repeater-tabs-saved-restored-via-state-file I send requests to Repeater as I explore an application, and go back...

Last updated: Jul 22, 2015 07:13PM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Feature request (other ssl/tls protocol support)

What would compliment this great tool is the ability to support other protocols that run on SSL/TLS like SMTP secure and IMAP secure. There are other proxy like tools out there for these protocol yet none of them provide...

Last updated: Jul 21, 2015 07:48PM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Intercept Queue

Would it be possible to add a "Queue" to the Intercept tab. This would show the requests/responses queued to be intercepted and they would be removed from the queue after they are intercepted. On occasions where there are...

Last updated: Jul 19, 2015 01:46PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Add "Close All Tabs" button to the Repeaster

In the repeater tab, I would like a “close all tabs” button. In the Mac-look-and-feel-GUI; if you click the X, the tabs auto-adjust slightly to re-center. Thus, you click X and move the mouse. Repeat 52 times (yes, I had...

Last updated: Jul 08, 2015 10:43AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

ASP.NET ValidateRequest bypass + tuning

According to my experience Burp Suite doesn't check for this type of ValidateRequest filter bypass: http://www.jardinesoftware.net/2011/07/17/bypassing-validaterequest/ Would it be possible to add this to the...

Last updated: Jul 08, 2015 08:02AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Hide from view based on MIME type

Hi, recently I came across a web server where certain categories of files (images, css) were having a filename of the format "_x-y" with no extension, where x and y is a alphanumeric value of a varying length of characters,...

Last updated: Jul 06, 2015 12:29PM UTC | 0 Agent replies | 1 Community replies | Feature Requests

Match -> Match/Replace.

I would like to beg this request again, as there is a need for feature. Here the use case. I would like to be able to Match/Replace based on Matching a different value. I have been told to write it myself, but that...

Last updated: Jul 03, 2015 07:06PM UTC | 1 Agent replies | 2 Community replies | Feature Requests

Provide option to pass unaltered response back to client

Recently we conducted an application assessment for an android application. The application communicated using gzip / deflate content encoding. Burp Suite was initially configured to unpack gzip/deflate encoded traffic via...

Last updated: Jun 29, 2015 10:11AM UTC | 1 Agent replies | 2 Community replies | Feature Requests

Burp Porxy Features- Replay Request

Hi I would like to propose the following features in Burp. 1) Burp loads default profile:- Burp should allow users to specify the default template location. 2) Requests Replay :- We would like feed the requests...

Last updated: Jun 20, 2015 07:46AM UTC | 0 Agent replies | 0 Community replies | Feature Requests

Burp signed SSL certificates throw warning in Chrome

When burp generates CA-signed per-host certificates, Google Chrome marks these sites as having "Weak Security configuration (SHA-1 signatures), so your connections may not be private. Screenshot:...

Last updated: Jun 11, 2015 08:03AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

UI - Scanner:Results - tag resolved findings

Hi, I would love to be able to tag findings as 'already worked on and resolved' or 'read'. Helps in case I go through findings while the active scan is still on (reason being lack of time). In current state new findings are...

Last updated: Jun 10, 2015 11:23AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

UI - shortcuts - 'set Severity, Confidence', global 'enable/disable Proxy Intercept'

I would like to have possibility to: - assign keyboard shortcuts to more actions, e.g.: in Scanner:Results - set Severity, Confidence level (I would use numkeys) - use global windows shortcut for some actions (e.g....

Last updated: Jun 10, 2015 11:22AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Good XSS detection

I'm somewhat disappointed. I conducted an nessus scan on a host, without entering any information. It found an XSS. When I did an active scan of the same host with Burp, Burp did not. It is a really easy to find XSS. I'm...

Last updated: Jun 01, 2015 08:39AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

UI - Scanner - selected tab persistence (like in Proxy)

Hi, I would like selected tab persistence when browsing through findings (exactly like in Proxy tab) - I select tab Response and it stays the selected one when I click on a different finding. A small thing, would help a lot...

Last updated: May 18, 2015 05:10PM UTC | 0 Agent replies | 0 Community replies | Feature Requests

Reflected input monitor for passive scanning

A new check should be introduced to passive scanner which will monitor all the requests and report if any of the input parameters get reflected in the response. This will be very useful in determining which parameters to...

Last updated: May 15, 2015 08:20AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Repeater and intruder for pentesting WebSockets

Hi, I'd love to see mentioned features implemented for pentesting WebSockets. Those features would be useful for testing both WS client and server. Also it would save me some time writing my own set of...

Last updated: May 13, 2015 01:08PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Find and replace in intruder

It would be nice to have a find and replace within intruder, saving the tester from burp <-> notepad copy & paste kung foo. Sometimes the HTTP requests are so massive that makes impossible to set each entry point one by one.

Last updated: May 11, 2015 12:31PM UTC | 1 Agent replies | 2 Community replies | Feature Requests

Repeater UI - Fixed Placement of Tabs

I would like for repeater to not move the location of tabs when selecting new repeater tabs. This occurs when the user has a large number of repeater tabs open (which happens to me when testing API calls where we make one...

Last updated: May 11, 2015 09:19AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Open multiple links in a browser

Target > Site map > expand tree. 1. Select a grey link that has not been visited. Right click. Instead of Copy URL, add option to Open URL. 2. Select multiple links that have not been visited. Right click. Instead...

Last updated: May 06, 2015 05:10PM UTC | 0 Agent replies | 1 Community replies | Feature Requests

encoder stuff

Url encoding, would be nice if two options exist; one that encodes everything. and one that encodes just the characters that are necessary. I keep seeing apps that are microsoft stacks that seem to dislike characters that...

Last updated: Apr 28, 2015 12:39PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Page 43 of 45

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image