Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Burp Collaborator

mike | Last updated: Dec 09, 2022 01:39PM UTC

Hello I am considering standing up a burp collaborator on a private domain. This will be publicly accessible via the Internet. Can you confirm if there is a way to have only my licensed users connect to this instance, or will anyone be able to connect to it if they have the address? Thanks

Michelle, PortSwigger Agent | Last updated: Dec 09, 2022 02:10PM UTC

Hi The Collaborator server won't restrict connections based on the license, but you can configure the Collaborator to use different interfaces (or ports) for serving polling requests (to allow retrieval of interactions). This then gives you the option of controlling access to the polling function at the network layer. If you've got any further questions, please let me know. If there are any you'd prefer to ask directly rather than on the forum, feel free to email support@portswigger.net.

mike | Last updated: Dec 12, 2022 02:34PM UTC

Hi Michelle It would be great to have some security on the collaborator polling - public/private keypair or a secret signed by the license etc. For your suggestion, can you point me at documentation please? It sounds like we could have the listeners public, and the polling function via a private network. What port does the polling function run on? Thanks

Michelle, PortSwigger Agent | Last updated: Dec 12, 2022 03:23PM UTC