Burp Suite, the leading toolkit for web application security testing
Burp Suite Pro contains the following key components:
- Intercepting proxy
- Application-aware spider
- Web application scanner
- Advanced fuzzing tools
- Session token analysis
- Powerful extensibility
- Numerous engagement tools
"Burp Suite Pro is my web app assessment
tool-of-choice. It has made my life and my job easier so
I can be more efficient."
Jed Mitten, Senior Security Consultant,
"We tried the others, but keep coming back to Burp
Suite Pro. Nothing comes near it for application
Steve Lord, Mandalorian
Read more Success Stories ›
Thursday, 16 April 2015
Introducing Burp Collaborator
Today's release of Burp Suite introduces Burp Collaborator. This new feature has the potential to revolutionize web security testing. Over time, Burp Collaborator will enable Burp to detect issues like blind XSS, server-side request forgery, asynchronous code injection, and various as-yet-unclassified vulnerabilities.
In the coming months, we will be adding many exciting new capabilities to Burp, based on the Collaborator technology.
Read the full blog entry ›
Wednesday, April 22, 2015
This release contains a number of minor enhancements and bugfixes, including:
- The Proxy now uses SHA256 to generate its CA and per-host certificates
- There is a new button at Proxy / Options / Proxy Listeners to force Burp to regenerate its CA certificate.
- A bug in the "Paste from file" function which caused Burp to sometimes retain a lock on the selected file has been fixed.
- A bug in the Intruder "extract grep" function, which sometimes caused extracted HTML content to be rendered as HTML in the results table, has been fixed.
See all release notes ›
Copyright © 2015 PortSwigger Ltd. All rights reserved.