Feature Requests - Page 54 - Burp Suite User Forum

JSON decoder in "Decoder"

Hi PORTSWIGGER team, I would be really greatful if you add support for JSON decoding to "Decoder". Because usually I find URLs like https%3a\/\/www.google.com\/blablabla... and I have to use other decoder like unescape()...

Filter: add JSON MIME

I would like to see only JSON in proxy history, with the help of proxy history filter. Currently JSON is categorized as “Scripts” in MIME filter, but JSON are typically different from normal JavaScript, especially in the...

Save Scan Report Wizard Defaults in Project Settings

Hello! We use Burp Suite with the Carbonator extension to scan our site automatically during regression testing with Selenium. Being able to run the scanner and create reports using Burp Extender is very useful, but the...

Use Collaborator in manual testing

I want to use collaborator while manual site testing. I think my case is very typical - I found some not typical SSRF vulnerability (which can't detect active scan) and want to check it. Now I must use my own NS server,...

Content Discovery: custom wordlist

The Content Discovery functionality allow the use of built-in wordlists, but does not facilitate a custom word-/filelist. While the built-in wordlists are OK, sometimes it's useful to be able to define a custom list, just...

Http headers manipulation

Burp tool is manipulating my http origin and referrer header. Please provide a way around to disable that

Compare site maps Reporting feature request

Requesting that the compare site maps feature be able to generate a report of the comparison output after display filters are applied. This would make it convenient to be able to provide a target organization a list of each...

Session Handling rules

Hi. It would be nice to have an option to update the session headers in the session rules. There exist a simillar option that allows us to update parameters and cookies, so why not the headers? I had an issue where the body...

scroll with wheel in preview tab

Currently scroll wheel doesn’t work for the preview tab of a response. It works for all the other tabs. Even better if we can scroll horizontally by holding Shift when scrolling. See...

Scan for .DS_Store files

Check out this writeup: https://en.internetwache.org/scanning-the-alexa-top-1m-for-ds-store-files-12-03-2018/ It would be cool if burp suite could automatically check for .DS_Store files on websites, parse the content,...

Custom Attributes on issues

Add IssueAttributes[] to the IScanIssue object that would get exported with the xml report. Name/Value pairs would suffice, however, nested objects would be awesome. This new property would have to come with all the...

Add new request to outstanding Macro

I'm using Macro editor quite often for anti CSRF tokens, as well as session management. However, when I would like to add a single request to the current macro, I need to re-record the entire macro again. Would it be...

Allow Match and Replace to change destination hostname

Please allow the Match and Replace function to change the destination address as well. It would make it easier to test certain scenarios where requests have to be rediredted to different hosts.

Search through nested values

Hi, I've posted a FR on Twitter (https://twitter.com/ddouhine/status/938025572596412418) which has been added to the dev backlog but I put it here too in case of... BurpSuite handles nested insertion points for the...

In Repeater automatically add answers to the site map

Hello, I use the Repeater a lot to find new pages/behaviors on web servers but each time I find something interesting I need to right click on the response, click on "Add to site map" and then confirm. A total of 3 clicks...

One scanning queue per host ?

Hello, When you have to work on multiple targets (hosts) and launch a scan on all of them, the scanning time is slowed down because you have a single queue. This single queue means that Burp have to finish scanning host1...

Manually add a cookie in the cookie jar

Hello, I could be helpful to add a button in the Cookie Jar viewer window to manually "Add a cookie". Davy

Mouse over automatic decoding

Hi, It could be cool to have an automatic decoding (e.g: base64 decode) when you move your mouse over an encoded value anywhere in the tool (instead of selecting it, right-click on send to decoder, etc...). I know, i'm...

extension to the intruder api

Hi, I was wondering if you guys had any plans to bring an update to the burp-api, containing an extension of the api for the intruder? If not - it would be awesome if it were possible to use the intruders...

Global settings for SSL pass-through

It would be great if we can configure SSL pass-through globally. For example, Google Analysis and Google Translation are typically out of scope of ordinary user. Current per-project setting is expected to override global...