Feature Requests - Page 7 - Burp Suite User Forum

Reset my progress and labs

Please reset all my labs and progress

Scan Audit & Crawling do not support TLS client certificate authentication

Hello, I've searched quite a bit, and it seems to me that it's not possible to use the Scanning and Crawl functionality on a website that requires Client TLS certificate authentication. When I try to scan audit/crawl...

Enhancing Burpsuite's HTTP History for Improved User Experience

The HTTP history tab feature in Burpsuite is widely used and accessed frequently. However, there is a bug that causes the program to freeze occasionally when trying to open very large HTTP Data. This seems to be a natural...

No Raw in Response when using Repeater

I copied my proxy intercept and pasted it in Repeater tab’s Raw. Then click GO (filled host&port), nothing is appeared in Response window. How can i do for see the response raw? (I’m doing webgoat missing function level...

NTLM EPA support

For a client I'm testing an application with NTLM authentication. With Chrome I could login, but not with Burp or Firefox. After days of digging I came across the following...

Windows 7

What is the latest version of Burp Suite Pro Comaptible with Windows 7 SP1?

Burp Suite Enterprise Re-Check/Re-scan/Re-audit a single issue

I think it work beneficial to added the ability to re-scan or re-check a single on a scan project. Developer and burp suite enterprise customers typically work a on single issue at a time. This feature would help them...

I want to customize more hotkeys.

Hi, Dear Burp Team! I'd like to make the hotkeys more extensible, such as adding extensions like ParamMiner to the hotkeys.

Follow XDG directory specification

Hello, I would like the developers of the Burp Suite to consider implementing XDG directory specification in order to remove unnecessary $HOME clutter. By storing config, cache and user data under $XDG_CONFIG_HOME...

Academy Lab Feedback: 2FA broken logic

Hello, I was working on the 2FA broken logic lab found here: https://portswigger.net/web-security/authentication/multi-factor/lab-2fa-broken-logic I wanted to give some feedback. I was able to complete the lab. However,...

New topics

Hi, will there be labs on PortSwigger in the future related to Server-Side Include(SSI), Code injection, LDAP injection and NoSQL injections?

Use/Parse Collaborator responses in Session Handling Rules and/or Macros

Hello, It would be useful to be able to parse the responses received in Collaborator and use them in the Session Handling Rules interface or/and in the Macros. The use case would be to be able to automate logins that...

Jenkins intergration

Hi, My company is having Burp Suite Professional license. I would like to ask for a Burp Suite Professional license is that able to trigger the burp suite scan in Jenkins CI-CD? Thank you

Dark Mode for Websecurity Academy

It would be really useful if you bring dark mode feature for the Portswigger Academy users.

Burp suite settings

How to configure burp suite to send one request per second when scanning a specific request?

Reset Progress

i want to reset my recent lab progress. kindly reset

A flag to Prevent polling collaborator through socks 5 proxy

Sometimes, there is a need to set up a SOCKS proxy to an internal host. However, in certain network proxy settings, Oastify and custom collaborator servers may be blocked. In such cases, it would be ideal to have a flag that...

Changing color of filter "button" in Proxy/HTTP History when using "Search Term"

Please consider changing the color of the "Filter" button within the Proxy/HTTP window, or elsewhere also, when a "Search Term" is being used. Sometimes, during long tests, the filter can be "forgotten" and unnecessary...

Comparer Bulk Analysis to ID Unique Data

A nice feature for Comparer would be to highlight a large number of responses and have Burp identify variable elements of a response as well as how many requests from the set have this same value. The use case for this would...

Intruder Response Auto-Scroll

Similar to the Comparer's "Sync Views", it would be nice if Intruder would remember the scroll position of a previous request's response as the operator moves between requests using the "down arrow" key and automatically...