login

Burp Suite, the leading toolkit for web application security testing

Burp Suite Pro contains the following key components:

  • Intercepting proxy
  • Application-aware spider
  • Web application scanner
  • Advanced fuzzing tools
  • Session token analysis
  • Powerful extensibility
  • Numerous engagement tools

"Burp Suite Pro is my web app assessment tool-of-choice. It has made my life and my job easier so I can be more efficient."

Jed Mitten, Senior Security Consultant, MANDIANT

"We tried the others, but keep coming back to Burp Suite Pro. Nothing comes near it for application security testing."

Steve Lord, Mandalorian

Read more Success Stories ›

Thursday, 16 April 2015

Introducing Burp Collaborator

Today's release of Burp Suite introduces Burp Collaborator. This new feature has the potential to revolutionize web security testing. Over time, Burp Collaborator will enable Burp to detect issues like blind XSS, server-side request forgery, asynchronous code injection, and various as-yet-unclassified vulnerabilities.

In the coming months, we will be adding many exciting new capabilities to Burp, based on the Collaborator technology.

Read the full blog entry ›

Wednesday, May 6, 2015

v1.6.18

This release updates the Scanner to enable it to find blind XML external entity (XXE) injection vulnerabilities.

Some performance improvements have been made to the Burp Collaborator server, and the metrics page now splits interaction counters into TCP and UDP interactions.

A number of minor bugs have also been fixed.

See all release notes ›

Copyright © 2015 PortSwigger Ltd. All rights reserved.