Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Can I find out the IP range for Burp Collaborato servers?

Ian | Last updated: Apr 28, 2021 08:42AM UTC

Hi, My name is Ian Matthews and I work for Synack (a pen-testing company) and a number of our testers (and I) use Burp Pro for testing and our daily work. When we test, we get our testers to come through a VPN, so that the traffic always goes to the client from a known IP range. This works well, until a researcher is testing e.g. Blind SQLi or similar which requires a Burp Collaborator server. For our clients to be able to whitelist, do you have a defined IP range for Burp Collaborator servers, so that I could inform our client of this when we test? The second question is whether Burp Collaborator is a product offering that we can host on our own IP space, but that would allow perhaps 50 testers to use it at the same time?. I've seen that I can set up an individual instance, but can I set up an instance that can be used by multiple testers? Many thanks Ian

Uthman, PortSwigger Agent | Last updated: Apr 28, 2021 09:36AM UTC

Hi Ian, The public collaborator server is hosted at burpcollaborator.net so you could perform an nslookup or a ping to determine the IP address. In terms of the second question, you can use a private collaborator server. There is no limit on the number of users who can use this at any one time. You can find out further information below: - https://portswigger.net/burp/documentation/collaborator/deploying

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.