Burp Suite User Forum

Login to post

Feature request regarding Burp's "Turbo Intruder" extension.

Naturally "Turbo Intruder" feels like native feature of Burp proxy. And I've found it strange that we can not specify multiple injection points within a single request. (using "%s" symbol) Kind regards, your fellow...

Last updated: Aug 25, 2020 02:21PM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Double click on Request or Response tab in the Target View for full screen view

When I double click on the Request or Response tab in the Target View, I would like to see this tab in full screen to better read the contents.

Last updated: Aug 25, 2020 01:31PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Option to ask to keep previous settings during upgrade

I'm using latest version of BurpSuitePro executable on windows 10 system on an external monitor with 125% scaling. In order for BurpSutePro to scale properly on my computer I have to modify the C:\Program...

Last updated: Aug 25, 2020 08:39AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Web Server/Application Analyzer

Hi, I know there are some extentions that analyze http headers and contents (like vulnerability software reporter or http headers analyser), but what about a built-in analyzer to adapt burp payloads/engine to web...

Last updated: Aug 24, 2020 01:42PM UTC | 3 Agent replies | 2 Community replies | Feature Requests

Burp Repeater Request

Hi there, For the burp repeater, is there a way to show the request vertically instead of horizontally, just like owasp zap proxy. Request Response instead of Request | Response. On top of which, is it possible...

Last updated: Aug 24, 2020 10:24AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Feature request regarding the Lab.

If I may request a "Prototype Pollution" category for our Lab. Naturally PortSwigger stays ahead of competition, and is always on point with it's research, and because of that reason I've found it strange that such popular...

Last updated: Aug 21, 2020 08:24AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Slow Loris Test in BURP?

Hello, Do you think you will add a Slow Loris Test feature ? Regards

Last updated: Aug 20, 2020 01:39PM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Pre-defined extension list

Hi, I don't know if it has been suggested before, but a nice feature would be some way to load some extensions by default (like a whitelist/allowlist). Like I would to load by default "content type converter", "logger++"...

Last updated: Aug 19, 2020 07:21PM UTC | 2 Agent replies | 2 Community replies | Feature Requests

Target Site in the Intruder

Hi, Is it possible to add the option to change the target site in the intruder, to be able to set a payload set for it as well?

Last updated: Aug 19, 2020 10:29AM UTC | 4 Agent replies | 3 Community replies | Feature Requests

Macro - Define custom parameter

Hi, Today for the first time I needed to use the macro feature in Burp. Together with a college we’ve puzzelt a bit while we were reading an access_token from a oAuth POST response that we needed to be added into a...

Last updated: Aug 19, 2020 09:25AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Postgres 11 support

Teradici is currently looking to migrate from PSql 9.6 to 11. I noticed in your documentation that you only support up to 10. Is there a timeline to move to 11?

Last updated: Aug 18, 2020 11:37AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Please allow embedded browser settings to be saved.

This has been brought up by others but I feel the need to amplify the message. Having to manually change settings and reinstall uBlock origin (at the very least) is unacceptably prohibitive. It's certainly less of a pain to...

Last updated: Aug 17, 2020 08:09AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Using both FQDN and IP at the same time for Collaborator

Would it be possible to add support for 2 Collaborator servers at the same time? Or rather having 1 server but being able to say that payloads should be tried for both domain name, as well as IP address? Sometimes our...

Last updated: Aug 13, 2020 10:20AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Cannot adjust severity ratings for Burp Enterprise

I am unable to find a way in the UI to change the severity ratings. It would be beneficial to have a way to adjust a rating depending on the validation of a finding manually.

Last updated: Aug 12, 2020 06:54PM UTC | 4 Agent replies | 3 Community replies | Feature Requests

Preview SVG Responses

The subject says it all. When there's a response with the following content type, it would be great to be able to see a preview with the embedded Chromium browser. Content-Type: image/svg+xml Thanks!

Last updated: Aug 12, 2020 09:44AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Proxy - > HTTP History: Remember the columns custom order

Hi, Please consider retaining/remember across project saved options the columns custom order. Personally, I do find very less appealing the effort I have to invest to manually order the current columns as I want to see...

Last updated: Aug 11, 2020 07:34AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Is it possible to make intruder payload based on the previous response?

Hello, I have 7 different payloads for 1 position The intruder needs to define conditional previous response, after that the payload will choose 1 from the 7 different payloads to the current post request. Is it...

Last updated: Aug 10, 2020 10:53AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Searching Web-socket History

Hi team, I was testing a Javascript application that made Websocket requests. I was trying to search sensitive parameters/calls in WebSocket history. They were making calls to update using values to the server using...

Last updated: Aug 09, 2020 04:48PM UTC | 1 Agent replies | 2 Community replies | Feature Requests

match and replace for the websocket

Possible to add a match and replace for the websockets? Someone made a plugin for it in the past, but isnt working anymore.

Last updated: Aug 07, 2020 12:39PM UTC | 4 Agent replies | 5 Community replies | Feature Requests

Split pane view in "HTTP History" tab

The HTTP History tab would be improved by providing the option to have split panes for request and responses (i.e. like the Repeater tab). Doing so would make it cleaner and easier to scroll through request and response...

Last updated: Aug 06, 2020 03:51PM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Page 7 of 37

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image