Feature Requests - Page 9 - Burp Suite User Forum

Use Bambdas to filter based on Original request instead of Modified request

A typical usage pattern for me in application testing is that I will write python scripts to automate various attacks against endpoints &c. What I want to do is add a header each request of the form "Script-Name:...

Open Pro file using Community Edition

Is it possible to open a .burp file, in the Community Edition, that was created via Burp Suite Pro?

DOM Manipulation, DOM Checking

Dear Burp Suite Team, I'm interested in developing a Burp extension focused on analyzing elements within the DOM as they load. Currently, I've observed there isn't a built-in functionality within Burp Suite for directly...

Compare Prettified Requests / Responses

Minified HTML responses are extremely difficult to compare. When trying to compare two 100k byte responses that are in a single line, I either have to use a different tool or give up entirely. My request is, when a...

Academy Learning Material and Labs Reset

Hi Team, Could you please reset my academy learning materials as well as my Labs? Thank You.

HTTP history column preferences

Hello, First off this is a truly awesome product, keep up the great work! I was wondering if there was a way to save the preferences of column order view in the HTTP history tab under Proxy. I often like to drag the...

Cannot adjust severity ratings for Burp Enterprise

I am unable to find a way in the UI to change the severity ratings. It would be beneficial to have a way to adjust a rating depending on the validation of a finding manually.

Burp Suite Enterprise -- Metadata/Tags/key-value store for sites

We would like to add tags to the sites we're scanning with Burp Suite Enterprise, something that helps us integrate with BI and Vulnerability Management solutions to relate a site to different lines of business, clients,...

Burp Enterprise, disable Http/2 requests configuration option

Hello, I've been in discussion with support via email already but wanted to post this here. We have a situation where burp is identifying the application we are scanning uses Http/2 when in actuality, it doesn't and it...

Platform Authentication settings: allow multiple entries with same host

For the moment only one Platform authentication entry is allowed per destination host. If the user tries to set up a second entry that has the same destination host, Burp will not allow it. However, it is useful during...

Some Suggestion About Extension

Wish extensions API can do those thing: 1. encoding function for inspector 2. highlight text in Message Editor by passing multi ranges 3. get error message if HTTP request error (timeout or other error) 4. Intruder...

Request Normalization

Hi, Recently, I was testing a site and tried to send the following request: GET / HTTP/2 X-Any-Header: site.com Host: site.com However, I faced some issues because I required this specific sequence, but Burp...

Exam

Do you give students a discount for burpsuite practitioner exam ?

Reset Labs

Hey, I want to reset all my labs too. Thanks.

Private Collaborator - TLS certificate workflow

Hi everyone, About the installation of a private collaborator server, is there a way to have an automation with let's encrypt to generate valid TLS certificates? I would like to avoid updating the config and restarting...

Keyboard shortcut in Repeater tab

There is ctrl+f in the Proxy tab which is very handy. Please add this shortcut to Repeater tab as well. Thanks in advance.

Lab and learning material progress

Would like the capability to reset lab(s) and or learning material. In my case, I'd like to re-review the content for note-taking.

Improvement for Burp Organizer

Thanks for Portswigger team by introducing this feature, I have suggestion to improve this feature. Problem: As of now my notes are scattered across repeater, proxy request and organizer. It's hard for my to know what is...

Activation limitations

Hello, we have a block of 60 users in two license groups we have single license seats for all our users. Recently my users have told me that they are running out of activations. Also, where can I find the actual activations...

Can Collaborator provide a list of domain names that I have used? When I reopen the project, I forget the previous domain names.