Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Accessibility

Alejandro | Last updated: Aug 23, 2023 02:12PM UTC

Hello, I have been using Burp Suite for some months now, and I would like to share my experience as a blind user. First of all, the majority of the interface is not navigable with a screen reader. This is due to the fact that many user controls, such as buttons, combo boxes, etc., do not receive keyboard focus. Actually, when you press the tab key, in many tabs, you can only see the help messages. In spite of this, the program is still usable thanks to the keyboard shortcuts. By adding shortcuts to the main functionalities, I am able to switch between the main tabs (target, proxy, repeater, intruder, decoder...). I can intercept requests, modify them, and see the response. I can even use a tiny fraction of the potential of the intruder. However, the fact that not every important function can be assigned a shortcut, added to the inability of AutoHotKey to detect Burp's user controls, makes it impossible for me to exploit the maximum capabilities of Burp. Many screen readers offer an object navigation method that allows the user to navigate interfaces as if they were a tree of components. This usually helps with inaccessible interfaces, as you can see components that are not focusable, place the mouse pointer on those components, and left-click on them. Unfortunately, this feature is flawed on Burp's interface, as when you try to place the mouse pointer on a component, it is set a random amount of pixels above the real clicking area. This number of pixels seems to increase the more inner the component you are trying to click is. Lastly, there are some panels that make the screen reader completely silent. An example of this is the "Add a Proxy Listener" settings panel. This panel cannot be navigated by pressing tab, using the arrow keys, or even with object navigation. I am aware of the difficulty that solving all the problems I mentioned represents. Nevertheless, there are things that can be done. For instance, adding extra shortcuts for changing the intruder mode, the type of payload, adding rules, sending a group of requests in parallel/sequentially, changing from request to response text box... Just by doing this, the lives of all Burp's blind users would be much easier. Finally, I would like you to think of accessibility as a feature that can not only help disabled people but also improve the overall user experience. That's why I encourage you to orientate your efforts little step by little step, update by update, towards a more accessible Burp Suite. I hope you don't take all this as criticism. In fact, I admire your job so much that I would love to enjoy it. Thank you for your attention.

Liam, PortSwigger Agent | Last updated: Aug 24, 2023 10:53AM UTC

Hi Alejandro. Thanks for your detailed feedback. Would you be open to a call with our UX team? They'd be interested in discussing your top pain points and the priority of potential improvements. They'd also be keen to observe some of your experience with Burp via a screen share. Please email us via support@portswigger.net to follow up with a call.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.