Burp Suite User Forum

Login to post

Extender API for Custom OAST Servers

Collaborator is a great service that has recently had some competition via other OOB tooling in the last few years (interact.sh, canarytokens, etc.) It would be really handy for testing if PortSwigger could add (or...

Last updated: Jul 12, 2022 10:37AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Burp suite Inspector font change.

Hi team, normally, the Inspector font is not changed in the current version and becomes the default font. Although I have changed the HTTP message font, the "Inspector" font does not change. is this possible in the new...

Last updated: Jul 07, 2022 03:16PM UTC | 3 Agent replies | 2 Community replies | Feature Requests

Tabbed search

I would like to have a single search window and a possibility to perform multiple searches (and leave these open) with a tabbed interface. Preferably with an option in the user options to enable or disable tabbed search....

Last updated: Jul 06, 2022 10:26AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

batch options import/paste

Hey there It would be possible to add a feature to allow batch (via import or just paste) options settings? use case: Need to add lots of domains to the "Intercept Client Requests" option as a intercept if not...

Last updated: Jul 05, 2022 03:40PM UTC | 1 Agent replies | 0 Community replies | Feature Requests

When deploying private burp collaborator, allow ability to add custom DNS records of A type.

Currently as mentioned in the docs: https://portswigger.net/burp/documentation/collaborator/deploying field "customDnsRecords" only allows us to specify optional DNS records of type TXT and CNAME, it makes sense for the...

Last updated: Jul 03, 2022 11:30AM UTC | 3 Agent replies | 2 Community replies | Feature Requests

Font Size - Would like to increase

It would be nice if there was a setting to increase the size of the fonts in tabs like Proxy, Repeater, Intruder, etc. I haven't see this option, but maybe I missed it. I'm using the Community Edition.

Last updated: Jul 01, 2022 09:26AM UTC | 3 Agent replies | 2 Community replies | Feature Requests

Prompt before loading large responses

I frequently see large javascript responses exceeding 3MB. When I click on one of these, my instance of Burp freezes for around 20 seconds. Sometimes this click is accidental, or sometimes I simply don't notice the size of...

Last updated: Jun 30, 2022 12:28PM UTC | 6 Agent replies | 9 Community replies | Feature Requests

Burp Scanner - Change Severity to False Positive

I thought I had previously submitted this under a Feature Request user forum, but later wasn't able to find it in any forum, so I'm posting again. If this ends up as a duplicate posting, my apologies. When resetting the...

Last updated: Jun 28, 2022 01:09PM UTC | 2 Agent replies | 0 Community replies | Feature Requests

Feature request regarding Burp's "Turbo Intruder" extension.

Naturally "Turbo Intruder" feels like native feature of Burp proxy. And I've found it strange that we can not specify multiple injection points within a single request. (using "%s" symbol) Kind regards, your fellow...

Last updated: Jun 26, 2022 07:47PM UTC | 3 Agent replies | 4 Community replies | Feature Requests

Using intruder and clusterbomb

I'm not sure what the reason is but when I try and used intruder and clusterbomb the 997 out of 998 of the domains said "INVALID". Is there something I'm doing wrong with the settings?

Last updated: Jun 24, 2022 06:50AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Do I need Burp Professional license to take Portswigger Academy course?

Hi, I have a doubt. Does Burp Suite get better performance to solve Portswigger Academy labs ? I've been taking the Portswigger Academy (using burp suite community license), but some of the labs take too long to...

Last updated: Jun 23, 2022 10:46AM UTC | 2 Agent replies | 1 Community replies | Feature Requests

Maintain selection state

When using any module of burp that has a list of request/response items (so most modules), when you select one (or many) and then perform an action like highlighting, commenting, etc, burp then UNselects anything that was...

Last updated: Jun 22, 2022 02:59PM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Add tabname to "sendToIntruder"

Hi, function "void sendToRepeater(String host, int port, boolean useHttps, byte[] request, String tabCaption);" has a "tabCaption", but the function "sendToIntruder" doesn't have it. Is it possible to add? It will be...

Last updated: Jun 22, 2022 11:18AM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Support global variables

There are extensions that have some support for variables, but they seem like overkill for handling only variables. I can also achieve some of this with Session Handling Rules in Proxy Options, but it is not as easy when...

Last updated: Jun 22, 2022 09:37AM UTC | 1 Agent replies | 1 Community replies | Feature Requests

CSRF Token Bypass

I really need to bypass CSRF token. in my case every time i request, the CSRF will generate new token in the header. so the next request in repeater i need to put the new csrf. i tried to use macro but support said its for...

Last updated: Jun 21, 2022 12:35PM UTC | 3 Agent replies | 1 Community replies | Feature Requests

Reset license count

Hi Team, I installed the Burp License in an old laptop, which I no longer use and want to install the license on a newer laptop. Can you please reset the count so that I can proceed with the installation on the newer...

Last updated: Jun 21, 2022 06:54AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

HTTP history column preferences

Hello, First off this is a truly awesome product, keep up the great work! I was wondering if there was a way to save the preferences of column order view in the HTTP history tab under Proxy. I often like to drag the...

Last updated: Jun 21, 2022 06:43AM UTC | 5 Agent replies | 15 Community replies | Feature Requests

More Granularity For "Filter by status code" Setting

Within HTTP history, you can currently filter by 2xx, 3xx, 4xx, and 5xx. This feature isn't useful because I typically want to see 200, 301/302, 4xx, and 5xx responses - but I don't want to see 201 No Content, 304 Not...

Last updated: Jun 20, 2022 12:28PM UTC | 2 Agent replies | 2 Community replies | Feature Requests

reset all my solved labs

reset all my solved labs

Last updated: Jun 20, 2022 06:48AM UTC | 1 Agent replies | 0 Community replies | Feature Requests

Web Security Academy

I am learning how to perform blind SQL injection in Web Security Academy Labs, in some of them i need to retrieve administrator's password which is "20" character long and doing it manually(using intruder) is not fine. I...

Last updated: Jun 17, 2022 09:27PM UTC | 1 Agent replies | 1 Community replies | Feature Requests

Page 7 of 55

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image