Feature Requests - Page 55 - Burp Suite User Forum

Configuration problem

When i configure my burp suite proxy with my firefox browser they connect but when i browse anything browser show me error message how i solve this problem please help me

It would be great if we can preview bitmap images in proxy preview, just like how we preview HTML, JPEG and PNG traffics. MIME type is “image/bmp”. Burp seems to be built with Swing/AWT; if so, it should be easy to implement...

Add path to Basic Authentication forms if discovered

I like spidering, etc cetera while "do platform authentication" and "prompt for credentials on authentication failure" is enabled, because the pop up form shows me that there is some interesting on the site. But I don't...

Expose intercept state for Burp API

I am currently developing a burp extension and would like to be able to check the state of the "Intercept" button in the proxy tab. I am able to turn on/off the interception but am not able to poll the state. Thanks

Decoder - Save/Load to/from File

Hi, It would be really nice for further analysis of decoded stuff to be able to save each buffer of the "Decoder"-Tab into a file. It is hard to copy binary out of it. The only way i see currently is: encode as base64...

Recognize PDF types

Currently the “application/pdf” type is recognized as “app” instead of PDF. This is very common in HTTP response, so please label it correctly.

Ability to update all extension

It would be nice to have a way to update all the burp extension from the bapps at once. Having a button like "Update all" instead of having to do it one-by-one.

System to "back up" project files in case of crashes.

So as I understand it, the "Save State" functionality is being removed from Burp and being replaced by the project file. My only issue with this is that when Burp / the OS crashes, project files get corrupted. This morning...

An important feature request

Your spider tool should submit the contents of place holder along with the default parameters burp suite have, otherwise the tool miss some important input fields that contains vulnerabilities like sql injection.

Persistent Intruder Results

Hi, It would be great if intruder results were persistent and part of the project file. Maybe a "Results" subtab on the same level as "Target, Positions, Payloads, Options" within intruder. Thanks!

Save intruder

Hello, It would be great If we could save the intrusion tab.

Enable/disable cookie jar for Repeater from its tab

During a pentest I find it very useful to switch on and off the ability to use cookies from the Burp cookie jar (for example authorization bypasses and so on). Having to navigate each time to project options, session and...

Support Center Watch + Vote feature

Hi, I would like to ask if there could be a way in the future to flag some issues not reported by myself but rather other people, which I could subscribe to to receive an email with any new comment. So like "Watch"...

Intruder to show parameters

It would be good for the Positions tab in Intruder to have a params tab to let you easily select a param value to test.

Input returned in response (reflected) - detection in response header exclusion

I have an environment in which there is request URI always reflected in the response “x-request-path” header. Would it be possible to have an option in Scanner -> Options -> Scan Issues -> Edit detection methods? I would...

1.7.30

Hoping that either I am missing the obvious or in the next dot release that a 'deselect all' option/control will be added to the new choose for scanner features. Seems impractical right now to use if I only want to run one...

HTTP Parameter Pollution

Are there plans to implement HTTP Parameter Pollution tests? More info: https://www.owasp.org/index.php/Testing_for_HTTP_Parameter_pollution_%28OTG-INPVAL-004%29

Repeater tabs renaming and re-ordering feature request

Hi! It would be really useful if Burp allowed renaming and re-ordering the Repeater sub-tabs instead of only having fixed numbers. This would allow the user to organize requests and exactly know what each sub-tab has...

Intercept for websockets should be able to honour the scope

For client requests you can set it so that it only intercepts when the URL is in scope but for websockets it is either on or off. I've got all traffic going through Burp but only intercepting for my test sites but...

Feature Request

Hi, Add option to split view request and response (side by side) in HTTP Proxy History (same as repeater view) Thanks!