Feature Requests - Page 57 - Burp Suite User Forum

Manually add a cookie in the cookie jar

Hello, I could be helpful to add a button in the Cookie Jar viewer window to manually "Add a cookie". Davy

Mouse over automatic decoding

Hi, It could be cool to have an automatic decoding (e.g: base64 decode) when you move your mouse over an encoded value anywhere in the tool (instead of selecting it, right-click on send to decoder, etc...). I know, i'm...

extension to the intruder api

Hi, I was wondering if you guys had any plans to bring an update to the burp-api, containing an extension of the api for the intruder? If not - it would be awesome if it were possible to use the intruders...

Global settings for SSL pass-through

It would be great if we can configure SSL pass-through globally. For example, Google Analysis and Google Translation are typically out of scope of ordinary user. Current per-project setting is expected to override global...

Configuration problem

When i configure my burp suite proxy with my firefox browser they connect but when i browse anything browser show me error message how i solve this problem please help me

Preview bitmap images (BMP)

It would be great if we can preview bitmap images in proxy preview, just like how we preview HTML, JPEG and PNG traffics. MIME type is “image/bmp”. Burp seems to be built with Swing/AWT; if so, it should be easy to implement...

Add path to Basic Authentication forms if discovered

I like spidering, etc cetera while "do platform authentication" and "prompt for credentials on authentication failure" is enabled, because the pop up form shows me that there is some interesting on the site. But I don't...

Expose intercept state for Burp API

I am currently developing a burp extension and would like to be able to check the state of the "Intercept" button in the proxy tab. I am able to turn on/off the interception but am not able to poll the state. Thanks

Decoder - Save/Load to/from File

Hi, It would be really nice for further analysis of decoded stuff to be able to save each buffer of the "Decoder"-Tab into a file. It is hard to copy binary out of it. The only way i see currently is: encode as base64...

Recognize PDF types

Currently the “application/pdf” type is recognized as “app” instead of PDF. This is very common in HTTP response, so please label it correctly.

Ability to update all extension

It would be nice to have a way to update all the burp extension from the bapps at once. Having a button like "Update all" instead of having to do it one-by-one.

System to "back up" project files in case of crashes.

So as I understand it, the "Save State" functionality is being removed from Burp and being replaced by the project file. My only issue with this is that when Burp / the OS crashes, project files get corrupted. This morning...

An important feature request

Your spider tool should submit the contents of place holder along with the default parameters burp suite have, otherwise the tool miss some important input fields that contains vulnerabilities like sql injection.

Persistent Intruder Results

Hi, It would be great if intruder results were persistent and part of the project file. Maybe a "Results" subtab on the same level as "Target, Positions, Payloads, Options" within intruder. Thanks!

Save intruder

Hello, It would be great If we could save the intrusion tab.

Enable/disable cookie jar for Repeater from its tab

During a pentest I find it very useful to switch on and off the ability to use cookies from the Burp cookie jar (for example authorization bypasses and so on). Having to navigate each time to project options, session and...

Support Center Watch + Vote feature

Hi, I would like to ask if there could be a way in the future to flag some issues not reported by myself but rather other people, which I could subscribe to to receive an email with any new comment. So like "Watch"...

Intruder to show parameters

It would be good for the Positions tab in Intruder to have a params tab to let you easily select a param value to test.

Input returned in response (reflected) - detection in response header exclusion

I have an environment in which there is request URI always reflected in the response “x-request-path” header. Would it be possible to have an option in Scanner -> Options -> Scan Issues -> Edit detection methods? I would...

1.7.30

Hoping that either I am missing the obvious or in the next dot release that a 'deselect all' option/control will be added to the new choose for scanner features. Seems impractical right now to use if I only want to run one...