"Burp Suite Pro is my web app assessment tool-of-choice. It has made my life and my job easier so I can be more efficient."
Jed Mitten, Senior Security Consultant, MANDIANT
"We tried the others, but keep coming back to Burp Suite Pro. Nothing comes near it for application security testing."
Steve Lord, Mandalorian
Today's release of Burp Suite introduces Burp Collaborator. This new feature has the potential to revolutionize web security testing. Over time, Burp Collaborator will enable Burp to detect issues like blind XSS, server-side request forgery, asynchronous code injection, and various as-yet-unclassified vulnerabilities.
In the coming months, we will be adding many exciting new capabilities to Burp, based on the Collaborator technology.
This release updates the Scanner to find super-blind OS command injection vulnerabilities. The Scanner now makes use of Burp Collaborator to find OS command injection vulnerabilities where it is not possible to observe any time delay or command output in responses.