Best for pentesters and hands-on security professionals. Free up testing time with scalable, automated scanning Automated DAST scanning without limits. Free up testing time with trusted Burp ...

Attack surface visibility Improve security posture, prioritize manual testing, free up time. CI-driven scanning More proactive security - find and fix vulnerabilities earlier. Application security ...

We've introduced a feature that enables you to create HTTP match and replace rules using Bambdas. This enables you to handle complex or bulk changes more flexibly and easily. For example, you could ...

Follow the steps on this page to set up your own private instance of the Collaborator server. This may be useful in the following situations: Alternatively, you can configure the Collaborator server ...

This lab validates email addresses to prevent attackers from registering addresses from unauthorized domains. There is a parser discrepancy in the validation logic and library used to parse email ...

AppSec teams face a wide range of challenges when securing their API estate against attack threats. In our recent webinar, which demonstrated the enhanced API scanning features in Burp Suite ...

This extension copies selected request(s) as Python-Requests invocations. Please note that JavaScript must be enabled to display rating and popularity information ...

This extension adds a new context menu item in Burp Suite to switch between defined Display Settings Profiles. Features: The currently used Display settings may be saved to a new Display Settings ...

This release introduces two new issue management features: accepted risk marking and severity adjustment. We've also made some other improvements, and fixed some bugs. Accepted risk:You can now mark ...

This section explains how to configure the way Burp Suite Enterprise Edition handles false positives, accepted risks, and issues with edited severities. You can configure whether Burp Suite Enterprise ...

Get to grips with all the basics of Burp Suite Professional with our video tutorials. Covering product essentials such as intercepting HTTP requests and responses, scanning a website, and a guide to ...

Hands-on security testers need the best tools for the job. Tools you have faith in, and enjoy using all day long. Burp Suite has long been that tool, and now, it's faster than ever. We’ve listened to ...