Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Wednesday, May 26, 2010


This release adds a number of new checks to Burp Scanner, to report the following issues:

  • File upload functionality

  • Robots.txt

  • SSL certificate problems

  • SQL syntax in request parameters

  • Silverlight crossdomain policy

  • Disclosure of social security numbers

  • Disclosure of credit card numbers

  • Disclosure of database connection strings

  • Disclosure of server-side source code

  • ASP.NET tracing enabled

  • ASP.NET debugging enabled

  • HTTP PUT enabled

It must be said that many of these aren't the most exciting issues you can find in web applications, but they are all checks that people have been asking for. And even seemingly banal issues can often lead to bigger things so are worth investigating.