login

Burp Suite, the leading toolkit for web application security testing

Message Editor

The message editor is used throughout Burp for viewing and editing HTTP requests and responses, and WebSockets messages. As well as displaying the raw messages themselves, the editor includes a large number of functions to help you quickly analyze the messages further, drive Burp's core workflow, and carry out other useful tasks.

Message Analysis Tabs

The editor uses various tabs to display and analyze different types of messages. The tabs that are shown depend on the type and contents of the currently displayed message.

Raw

This tab displays the message in raw form in a text editor. The text editor includes various useful functions including syntax analysis, hotkeys and text search.

Params

This tab applies only to HTTP requests, and displays the request parameters in tabular form. If the message is editable, then you can edit each parameter's name and value directly in the table, and also change the parameter type. You can also add, move and reorder parameters.

Where applicable, parameter names and values are displayed in the table in their URL-decoded form, for easier viewing. When you double-click an item for editing, it will be shown in its original form. If, while editing, you enter any relevant metacharacters in their literal form (such as an ampersand or equals character), these will be automatically URL-encoded when you finish editing.

You can select a single cell and use Ctrl+C to copy its value. If you select multiple rows, then all the selected values are copied, with tab/newline delimiters, allowing you to easily paste the content into other software, such as a spreadsheet.

Headers

This tab applies to any HTTP message containing headers after the first line. It displays the header names and values in tabular form. If the message is editable, then you can edit each header's name and value directly in the table. You can also add, move and reorder headers.

If the message has a non-empty body, this will be displayed in the lower half of the headers tab, in its own text editor.

Hex

This tab displays the message in raw form in a hex editor. You can edit individual bytes directly by double-clicking values in the table. Values must be given in two-digit hexadecimal form, from 00 through FF.

The context menu for this tab additionally has the following items:

HTML

This tab applies to HTTP responses containing HTML content in the message body. The tab displays only the HTML (no headers), and shows this in a prettified form, with the content laid out and indented according to the HTML tag hierarchy. The main use of this tab is to make badly formatted HTML (as shown in the Raw tab) more easily readable.

XML

This tab applies to HTTP responses containing XML content in the message body. The tab displays only the XML (no headers), and shows this in a prettified form, with the content laid out and indented according to the XML tag hierarchy. The main use of this tab is to make badly formatted XML (as shown in the Raw tab) more easily readable.

Render

This tab applies to HTTP responses containing HTML or image content. It attempts to render the contents of the message body in the form it would appear when displayed in a browser.

ViewState

This tab applies to HTTP messages containing an ASP.NET ViewState (either as a parameter in requests, or as a form field in responses). The contents of the ViewState are unpacked and displayed in a tree structure (unless the ViewState is encrypted). The raw data itself is shown in a panel below the tree (in a text editor for ViewState v1.0 and in a hex editor for v2.0).

If the message is editable, then you can edit the raw data in the lower panel to modify the ViewState. (The tree itself is not editable.) When you have finished editing the raw data, if you select another tab in the message editor, and then re-select the ViewState tab, then the tree will be redrawn with your updated content. Note that if the ViewState is MAC-enabled, then editing it is unlikely to achieve anything, because the server-side platform will reject the modified data.

AMF

This tab applies to HTTP messages with a message body containing a Flash message in Action Message Format (AMF). The contents of the message are unpacked and displayed in a tree structure. There are columns showing the data type and value for each item in the tree. If the message is editable, you can modify literal data values by double-clicking them.

Context Menu Commands

Right-clicking on the message editor produces a context menu that can be used to perform various actions, depending on the message type:

The context menu may also include additional items that are specific to the tool in which the editor appears (for example, in Repeater, the context menu has options to paste a URL as a request, and add the current item to the site map).

User Forum

Get help from other users, at the Burp Suite User Forum:

Visit the forum ›

Wednesday, June 11, 2014

v1.6.01

This release contains various enhancements to existing functionality, including improvements to the Spider's link-discovery engine, which now achieves a WIVET score of 50%. There is more work to do in this area, and improved crawling of JavaScript-driven navigation is in the pipeline.

Various bugs have also been fixed.

See all release notes ›

Copyright © 2014 PortSwigger Ltd. All rights reserved.