Feature Requests - Page 58 - Burp Suite User Forum

Decoder 'Wrap Text' option

Can we have a little tick box on the decoder window to auto wrap text. I hate horizontal scrolling like most people!

Add more functionality in "Discover Content"

Hello , you could add more functionality in "Discover Content" like the functionality of a custom list and also an option to stop the specific task(example stop directory brute force in the selected subfolder...)

Make target scope lines clickable

Hi, I'm using Burp Suite Professional v.1.7.05 When visiting Target | Scope, you see a list of targets in scope. Currently only the Enabled column is clickable (it toggles the checkbox). It would be great if you could...

Burp Sequencer feature - Define payload type

Hello, I would like to see a choice for the Sequencer payload type. Meaning if I want to run statistical tests and entropy for 20000 tokens ,I would like to be able to define exactly what type these tokens can be . An...

Requests grab under some actions

Hello. When analyse big targets with many domains, apps, actions, etc, may be very helpfull function of grab group of requests of concrete action. For example, i test big web-app. In some moment, then i have many data in...

Feature request for cookie jar

Hi Just a small request: Would it be possible to add an indication of the cookie flags on cookies stored in cookie jar? That would create an easy overview of the cookies encountered using a test, instead of scrolling...

Numbers Intruder payload: Default the min/max fractional digits fields to 0

Out of all the times I've used the Numbers payload in the span of a year and a half, I think I've only used fractional numbers once or twice. Everyone else in the office here has had a similar experience. Please set...

Confirm closing Intruder/Repeater tabs

Please add a confirmation dialog box when closing these tabs, as they (a) are the easiest to close by mistake, and (b) contain some of the more important information in a session.

Numbers Intruder payload: add support for multiple ranges

Instead of using separate fields for min/max, please change this to a single box that accepts a comma-delimited list of dash-separated inclusive ranges. I.e., 1-50,60-70,80,91-100 (decimal) 0,8-D,20-7E (hex) I think...

Add a processing stack to Grep Extract

Sometimes it's very handy to be able to apply some processing, such as URL or HTML decoding, to extracted values, instead of needing to export to a table (in the case of Intruder results), and then figure out how to apply...

Burp Infiltrator Exclusions

Please add the ability to exclude specific packages or classes from the Burp Infiltrator installer.

Case Modification Intruder payload: add brute force mode

Please add an option that iterates through all the combinations of upper- and lowercase letters for each position. I.e., for an input string "abc", the output should be: abc aBc abC aBC Abc ABc AbC ABC While...

Support CA Certificate Generation for Certs&Keys Greater Than 1024bit

Especially Apple is now enforcing "Best Practices" via App Transport Security. As a workaround I used this guide: https://nabla-c0d3.github.io/blog/2015/12/01/burp-ios9-ats/ Thank you.

External service interaction (DNS)

Hi ! I have scanned a target address and found "External service interaction (DNS)" vulnerability. Is this related to DNS Zone Transfer? and How do i rate this vulnerability according to 1 to 10? please help me ASAP...

Global UI indicator that Live Active Scanning is enabled

There have been times that I've opened a project file, or returned to a project and forgot Live Active Scanning is enabled. Since almost every action in burp is very explicit, requiring user interaction. When live active...

Repeater - Quick toggle cookie jar usage

It is a common use case to want repeater to use the current cookie from the cookie jar. However sometime you want to make sure session authentication is working properly, so you intentionally want to use an old...

How can I get XML view of a response that is in utf-16?

Hi, I don't have a convenient way to view responses with bodies that are XML encoded in utf-16. I think handling this would involve a coding change, but if there's a configuration I've overlooked, please let me...

Disable update checks

An option to disable update checks on startup would be great. This setting should also disable update checks when upstream proxy server settings are changed. This would be especially useful for Burp users that test in...

exponential backoff in Sequencer

When testing session tokens, usually the same request is sent over and over again to the server. Often this causes a considerable amount of load (as tests are usually made on test/quality/integration systems with lower...

alternate native UI

Hi all, I am a visually impaired Burp user who unfortunately, cannot use Burp itself due to the native UI being completely unusable with screen readers. Therefore, I only have one remaining usability option; interact with...