Burp Suite User Forum

Login to post

Pre-defined extension list

Hi, I don't know if it has been suggested before, but a nice feature would be some way to load some extensions by default (like a whitelist/allowlist). Like I would to load by default "content type converter", "logger++"...

Last updated: Aug 19, 2020 07:21PM UTC | 2 Agent replies | 2 Community replies | Feature Requests

Target Site in the Intruder

Hi, Is it possible to add the option to change the target site in the intruder, to be able to set a payload set for it as well?

Last updated: Aug 19, 2020 10:29AM UTC | 4 Agent replies | 3 Community replies | Feature Requests

Macro - Define custom parameter

Hi, Today for the first time I needed to use the macro feature in Burp. Together with a college we’ve puzzelt a bit while we were reading an access_token from a oAuth POST response that we needed to be added into a...

Last updated: Aug 19, 2020 09:25AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Postgres 11 support

Teradici is currently looking to migrate from PSql 9.6 to 11. I noticed in your documentation that you only support up to 10. Is there a timeline to move to 11?

Last updated: Aug 18, 2020 11:37AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Please allow embedded browser settings to be saved.

This has been brought up by others but I feel the need to amplify the message. Having to manually change settings and reinstall uBlock origin (at the very least) is unacceptably prohibitive. It's certainly less of a pain to...

Last updated: Aug 17, 2020 08:09AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Using both FQDN and IP at the same time for Collaborator

Would it be possible to add support for 2 Collaborator servers at the same time? Or rather having 1 server but being able to say that payloads should be tried for both domain name, as well as IP address? Sometimes our...

Last updated: Aug 13, 2020 10:20AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Cannot adjust severity ratings for Burp Enterprise

I am unable to find a way in the UI to change the severity ratings. It would be beneficial to have a way to adjust a rating depending on the validation of a finding manually.

Last updated: Aug 12, 2020 06:54PM UTC | 4 Agent replies | 3 Community replies | Feature Requests

Preview SVG Responses

The subject says it all. When there's a response with the following content type, it would be great to be able to see a preview with the embedded Chromium browser. Content-Type: image/svg+xml Thanks!

Last updated: Aug 12, 2020 09:44AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Proxy - > HTTP History: Remember the columns custom order

Hi, Please consider retaining/remember across project saved options the columns custom order. Personally, I do find very less appealing the effort I have to invest to manually order the current columns as I want to see...

Last updated: Aug 11, 2020 07:34AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Is it possible to make intruder payload based on the previous response?

Hello, I have 7 different payloads for 1 position The intruder needs to define conditional previous response, after that the payload will choose 1 from the 7 different payloads to the current post request. Is it...

Last updated: Aug 10, 2020 10:53AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Searching Web-socket History

Hi team, I was testing a Javascript application that made Websocket requests. I was trying to search sensitive parameters/calls in WebSocket history. They were making calls to update using values to the server using...

Last updated: Aug 09, 2020 04:48PM UTC | 1 Agent replies | 2 Community replies | Feature Requests

match and replace for the websocket

Possible to add a match and replace for the websockets? Someone made a plugin for it in the past, but isnt working anymore.

Last updated: Aug 07, 2020 12:39PM UTC | 4 Agent replies | 5 Community replies | Feature Requests

Split pane view in "HTTP History" tab

The HTTP History tab would be improved by providing the option to have split panes for request and responses (i.e. like the Repeater tab). Doing so would make it cleaner and easier to scroll through request and response...

Last updated: Aug 06, 2020 03:51PM UTC | 1 Agent replies | 1 Community replies | Feature Requests

In Search of a request or response, show which result you're on out of the total number of matches

As an example, in Proxy -> HTTP history, looking at a Response, entering a search term in the "search" box in the bottom of the window will show how many matches there are and you can use the arrows to the left to move...

Last updated: Aug 06, 2020 09:16AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Add explicit word-wrap option

The 'Pretty' option within the view panes for requests/responses is amazing; BUT once selected it removes soft wrapping. This makes it a huge pain to review large / long line requests and responses. Soft-wrapping should...

Last updated: Aug 05, 2020 08:54AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Do intercept is missing

The option called do intercept is missing from my burp suit and in repeater after i press go in the result page i can not able to make any changes

Last updated: Jul 31, 2020 09:04AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

License transfer

We bought Enterprise edition by PO Receipt date: 05 June 2020 Receipt number: 426891 Order number: B49E5E7B58 - unfortunately is only tied to my colleague's email account : POliphant@cftc.gov and this support is to...

Last updated: Jul 29, 2020 03:01PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

BurpSuite Enterprise - Real time retrieval of credentials from external source (Enterprise Credential Vault)

We would like to see a feature added to the Enterprise product that would allow for the real-time retrieval of credentials (associated with a scan configuration) from an external source. Enterprise security policies often...

Last updated: Jul 28, 2020 02:39PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Side-by-side View

Hi! Currently, displaying a request+response pair side-by-side is only possible in Repeater ("Repeater -> View -> Left/right split" from the menu bar) or via extensions like Flow or Logger++. I use this layout a lot and...

Last updated: Jul 27, 2020 08:08AM UTC | 4 Agent replies | 12 Community replies | Feature Requests

In proxy history, view both request and response in the same tab

I would be nice to have the possibility in the proxy history to view both request and response. This would be very helpful to view the flow of the application, having the possibility to view the history lower tab perhaps...

Last updated: Jul 24, 2020 07:58AM UTC | 5 Agent replies | 35 Community replies | Feature Requests

Page 5 of 35

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image