Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility

Tuesday, April 15, 2014

v1.6

This is the final v1.6 release.

Burp Suite Free Edition contains significant new features added since v1.5, including:
  • Support for WebSockets messages.
  • Support for PKCS#11 client SSL certificates contained in smart cards and physical tokens.
  • A new Extender tool, allowing dynamic loading and unloading of multiple extensions.
  • A new powerful extensibility API, enabling extensions to customize Burp's behavior in much more powerful ways.
  • Support for extensions written in Python and Ruby.
  • A new BApp Store feature, allowing quick and easy installation of extensions written by other Burp users.
  • An option to resolve DNS queries over a configured SOCKS proxy, allowing access to TOR hidden services.
  • Generation of CSRF PoC attacks using a new cross-domain XHR technique.
  • New options for SSL configuration, to help work around common problems.
  • Optional unpacking of compressed request bodies in the Proxy.
  • Support for .NET DeflateStream compression.
  • New and improved types of Intruder payloads.
  • New Proxy interception rules.
  • New Proxy match/replace rules.
  • Improved layout options in the Repeater UI.
  • An SSL pass-through feature, to prevent Burp from breaking the SSL tunnel for specified domains.
  • Support for the Firefox Plug-n-hack extension.
  • An option to copy a selected request as a curl command.
Burp Suite Professional contains a number of bugfixes and tweaks, added since the last beta version, including:
  • An occasional bug causing misplaced highlights on payloads in Scanner issues has been fixed.
  • A bug in which restoring default settings for the Extender tool didn't unload any currently running extensions has been fixed.
  • A display bug affecting the rendering of binary content (such as images) in the raw view of the HTTP message editor has been fixed.
  • A bug which prevented the automatic backup on exit feature from functioning in headless mode has been fixed.
  • In previous versions, Burp stored its preferences in separate locations for each major version. This caused persisted settings to be lost on upgrading to a new major version. This behavior has been modified, and from v1.6 onwards major versions will store their preferences in the same location. As a workaround to preserve settings from earlier releases, Pro users can launch the earlier release, save a state file containing their preferences, then launch the new release and load the state file.
Work is already underway on some exciting new features that will be arriving post v1.6 ...

Free edition
MD5: 6f2c0ff4e3cab35bb49312ce88e1a690
SHA256: 21cfdd2d2f682997648f3877bca239bde358f8ce5a2a9304fd1de72fc68a3312

Pro edition
MD5: 8d56e783e79f615feefd3717322d61dd
SHA256: d81a765df2eb2fc33f91cdbf2669264204a9acf2ed7e43187ff7632015ffa89b