Burp Suite is a set of powerful tools for performing security testing of web applications. Designed throughout with the tester in mind, Burp lets you:
Burp is built around a user-driven workflow, giving you full control over the entire testing process, from initial mapping and analysis of the application's attack surface, through to finding and exploiting security vulnerabilities.
Burp's features are easy to use and intuitive, allowing new users to begin finding security flaws right away. Just beneath the surface, Burp is also hugely powerful and configurable, enabling more experienced testers to apply its state-of-the-art tools to the task in hand. All of Burp's functionality is designed and implemented by security testers, with real attention to detail of the features you need to deliver your work professionally and efficiently.
The Free Edition of Burp contains the core functionality needed for carrying out manual security testing of web applications. Burp Suite Professional takes this to another level, with a fully-featured vulnerability scanner, powerful exploitation tools, and a wealth of high-value features to assist the serious, professional tester.
Burp is a platform-independent Java program, and runs on any platform for which an official Java runtime is available, including Windows, Linux and Mac OSX.
"I haven’t met a web application tester that doesn’t use Burp as their main tool."
Rob Fuller, Room362.com
"Burp Suite Pro is by far the best value in the webappsec tool market."
Steve Pinkham, Maven Security Consulting
"Nothing comes near Burp Suite Pro for application security testing."
Steve Lord, Mandalorian
"Burp Suite Pro has made my life and my job easier so I can be more efficient."
Jed Mitten, MANDIANT
"Calling Burp Suite a Swiss Army Knife is an understatement."
Arjun Pednekar, NGS Secure
"Burp Suite Pro is the best value for money offering in the area of web security scanners."