Feature Requests - Page 57 - Burp Suite User Forum

Session Handling Rule - On Failure - Switch Proxy

I sometimes find in performing test that there are devices in place that lock out web activities for 5-10 mins if too many perceived attacks are seen. I think it would be great to have a session handling rule that would...

partial JSON config files

Currently when starting a new burp project and loading it with a config file, you have to have every option filled in the JSON, otherwise it'll leave that field as blank in the new project. I'd really like it if you could...

Cannot down load

I am unable to download can you send me a link to my product, thank you. And I could definitely use a new feature, I think my boyfriend is cheating on me any burp suite could help me out? Amy

IResponseVariations - set attribute

Hi, I saw the new IResponseVariations API... They are great! To increase the power of these new API, It would be great to be able to add custom attributes. In this way a user can add an attribute and write his own code...

Add "Invoke Extension" to "Session Handling Action Editor"

The "Session handling action editor" has a dropdown menu with two options to "Define behavior dependent on session validity": - Prompt for in-browser session recovery - Run a macro I would like to see "Invoke a Burp...

Collaborator Client

Hi, It would be nice if the Collaborator Client also showed the Response, ie. bt0fqqbb5tbzo2v7jim1cvzjigz, when its copied to the Clipboard. I suspect there would be cases where I would want a different response for each...

Preview insertion points in upcoming scans in scan queue

It would be nice to see the insertion point count on upcoming scans in the queue to good idea of what kinda of time it's going to take to scan the upcoming items. if you see you have 40 links all with 200+ insertion...

Scan for ONLY burp suite plugin (custom insertion point)

I'd like to be able to launch only my plugin during a scan. I think the scanner tab should perhaps have the option of enable/disabling a plugin in addition to the other [x] enable/disable buttons. Lets say I only want to do...

A way to update previous requests in from your site map with your current authentication tokens

Hi there I was wondering whether there was a feature and if not it would be useful if you could update requests from the HTTP history with current authentication cookies without the need of copy and pasting them. Just...

Proxy tab Http history - display both request and response of the selected message

Hello, It would be great, if by default both request and response are displayed in the Proxy Http History tab. In the current implementation, you have to choose request or response in the message view. Thank you Best...

Extend API Functionality (Stream Proxy + WebSocket)

Hi, I want to write new extensions for BurpSuite, For one of them i need To Set Stream Proxy (PyMultitor), For the other one i need to see WebSocket Raw Sockets To Show And Fuzz Every Parameter.

Custom response grep/extract/post-processing in Burp Intruder?

Burp Intruder supports response grep by regexp, and shows every match in a separate column in result table. It would be helpful to create a custom response processor, written in any language (Python preferred), to...

HTTPS MitM : Export functionality of the per-host generated server certificate / key

Dear In order to be able to decrypt HTTPS traffic in Wireshark[0], one would need the private key linked to the certificate. Would it be possible to include an export functionality of the private key / certificate which...

.NET plugins support

Would be great giving .net support to develop burpsuite plugins

Proxy Intercept window: show proxy listener that received the request

Sometimes I configure Burp with multiple proxy listeners going through the same instance. The Proxy History does a great job at being able to separate the traffic with both a dedicated column for the target port and also a...

Burp Infiltrator destroys Spring Boot application

Hi, when using Burp Infiltrator on a JAR file, which has been created as a Spring Boot application, then the application is not able to start, especially when embedded server is Jetty. Would be great if Burp...

Disable popup window for automatic backups

When automatic backups are enabled, a window pops up and gains operating system focus to display backup process. When Burp is not the active Window, this can interrupt use of other applications. This is common for...

Scanner Check For target="_blank" Vulnerability

Hi Portswigger, I would like to see a check added for links with target="_blank" without the rel="noopener noreferrer" attribute. The author of the below article demonstrates that the site which is linked to is able to...

Decoder 'Wrap Text' option

Can we have a little tick box on the decoder window to auto wrap text. I hate horizontal scrolling like most people!

Add more functionality in "Discover Content"

Hello , you could add more functionality in "Discover Content" like the functionality of a custom list and also an option to stop the specific task(example stop directory brute force in the selected subfolder...)