Burp Suite User Forum

Create new post

Filter Bypass Scanner Options

Filter bypass options for the scanner would be useful. Just from a SQLi perspective, it would be great if I could have radio buttons that could enable SQLmap tamper script style payload modification options such as...

Last updated: Mar 14, 2016 09:28AM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Add a parameter to the scanner exclude list via right-click context menu on the Param tab

I hope it doesn't take much work to add this feature to the current version. It would really be helpful if you can just right click on any parameter and add them to the exclude list of scanner rather than doing a copy and...

Last updated: Mar 07, 2016 02:28PM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Log Files

I would like to ask for a feature that would allow me to choose a maximum file size for each log type(much like what i do with tshark for packet capturing). This would force burp to create a new log file everytime the file...

Last updated: Mar 06, 2016 08:18PM UTC | 0 Agent replies | 0 Community replies | Feature Requests

Burp Extender - Support for more details from IScanQueueItem

Hi Burp Team, Good day! We have been using active scanner in our CI builds on a regular basis. However, sometime active scan queue items get stuck/slow/become stale and they appear to make little to no progress for a...

Last updated: Mar 04, 2016 07:23AM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Proxy Intercept modify + encode

Hi, It would be nice to add to the "Match and Replace" feature of the Proxy Options the possibility to not only add and replace but to encode, or even do the same as with the intruder payload processing (adding rules in a...

Last updated: Mar 02, 2016 04:18PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Page Deduplication

Some applications offer a large set of sites that only present different data but are based on the same template. This can result in thousands of pages in the scope that are basically irrelevant. There should be some way...

Last updated: Feb 26, 2016 01:35PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

In intruder, putting add positions properly to JSON type request

When I assess the JSON type request, intruder put the add position like below: testparameter=${"user":"admin","password": "password00"}$ I would like to put the target position like...

Last updated: Feb 18, 2016 05:24PM UTC | 2 Agent replies | 0 Community replies | Feature Requests

Show base request variable in intruder

When running an attack with intruder, particularly a Sniper attack with number payload, it would be good if in the Payload field, the base request (request ID 0) displayed what the contents were between the $$ symbols. At...

Last updated: Feb 17, 2016 11:41AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Keyboard shortcut - Clear history and ALT-TAB

Can you add the ability to: a) Do things without confirmation if I so want? Clear History for example, close Burp for another. And generally do think of other common tasks and add the ability to do things with keyboard...

Last updated: Feb 11, 2016 08:23PM UTC | 0 Agent replies | 0 Community replies | Feature Requests

Display file name in Burp's caption bar

Perhaps this was already requested. If so, please ignore this request. I routinely save multiple proxy logs for the same application, depending on the type of test I'm conducting. At times I use several instances of Burp...

Last updated: Feb 11, 2016 05:26PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Differential Automatic Backup Functionality

Automatic Backup is fantastic, it saved our work quite some time, when the Java environment decided to give up and crash. But, storing every time 700 megs, for example, in a state file, will fill up any hard drive over a...

Last updated: Feb 01, 2016 08:48AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Automatic backup prefix

Hi, it would nice to have an option to set prefix for automatic backup file name. When I am working on project1, I would like easy to set up prefix 'project1'. Then I can switch i.e. to project2...

Last updated: Jan 31, 2016 09:15AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

New backup feature and repeater

Hi, Features The first one: it would be nice to be able to set an prefix or suffix to the auto backup file name. Already there is only time and this feature would help to distinguish between projects/sections. It...

Last updated: Jan 18, 2016 04:11PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

BApp Store: Sort Extensions by Date Updated

It is tough to identify new extensions in the Bapp Store. It would be easy to identify new extensions if there was an additional column that listed the date updated. This would also be useful to identify extensions that were...

Last updated: Jan 15, 2016 10:25PM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Individual Enable/Disable Tickboxes for Platform Authentication Tickboxes

At the moment (and in the future) it would help during my testing that each set of credentials would have a tickbox next to them to enable or disable them. p.e. I use my basic authentication to login as admin, then log in...

Last updated: Jan 08, 2016 11:46AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

OWASP

Some of our client like to map issue to known standards. Is there anyway to correspond the vulnerability with OWASP top 10 number (if it relates to it).

Last updated: Dec 31, 2015 02:56AM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Intruder Dates payload: extend functionality to include times

The helpfulness of this payload when fuzzing a date/time parameter is automatic handling of the wrapping of values back to 1 when appropriate (i.e., avoid March 32nd). Extending the Dates payload with time components (down...

Last updated: Dec 22, 2015 06:54PM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Improve flexibility of Proxy Match and Replace

There are already a couple of requests to handle specific use cases of conditional Match and Replace that were declined -- and I have my own use case as well -- but I'd like to suggest a couple of generic options that could...

Last updated: Dec 22, 2015 01:23PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Numbers Intruder payload: add an option to request all in a range randomly instead of sequentially

.

Last updated: Dec 17, 2015 07:02PM UTC | 0 Agent replies | 0 Community replies | Feature Requests

Remember setting for "Request in Browser: current/original session" In future just copy and skip

It would be nice if there was a permanent setting for "in future just copy and skip dialog." Bonus points for hotkeys for original/current session. Thanks for BSP...

Last updated: Dec 16, 2015 05:51AM UTC | 0 Agent replies | 0 Community replies | Feature Requests

Page 62 of 66

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image