login

Burp Suite, the leading toolkit for web application security testing

Search

[Pro version] Burp provides various functions that let you search for different items:

Search

You can perform suite-wide searches by selecting "Search" from the Burp menu. You can also search within selected branches in the Target site map, by selecting "Search" within "Engagement tools" in the context menu.

The search dialog lets you configure the following options:

When you click "Go", the search begins and the details of each search match are shown in a sortable table. The preview pane shows the full request and response for the selected item, including highlighted matches for your search expression. The context menu can be used to send requests to Burp tools and carry out other actions.

Find Comments and Scripts

You can use these functions to search part or all of the Target site map for comments and scripts. You can start the search by selecting part or all of the site map tree, and choosing "Find comments" or "Find scripts" within "Engagement tools" in the site map context menu.

In the search dialog, use the "Search" button to perform the search (or re-perform it later). Details of the discovered items are shown in a sortable table. The preview pane shows the full request and response for the selected item, with relevant items automatically highlighted, and also extracted into their own tab. The context menu can be used to send requests to Burp tools and carry out other actions.

Selecting the "Dynamic update" option will cause Burp to dynamically update the results as new HTTP messages are processed by Burp tools. You can use the "Export" button to save all of the scripts or comments to file or to the clipboard, optionally consolidating duplicated items.

Find References

You can use this function to search all of Burp's tools for HTTP responses that link to a particular item. To access the function, select an HTTP request anywhere within Burp, or any part of the Target site map, and choose "Find references" within "Engagement tools" in the context menu.

The search results window shows responses (from all Burp tools) that link to the selected item. When you view an individual search result, the response is automatically highlighted to show where the linking reference occurs.

Note that this feature treats the original URL as a prefix when searching for links, so if you select a host, you will find all references to that host; if you select a folder, you will find all references to items within that folder or deeper.

Support Center

Get help and join the community discussions at the Burp Suite Support Center.

Visit the Support Center ›

Wednesday, April 22, 2015

v1.6.17

This release contains a number of minor enhancements and bugfixes, including:

  • The Proxy now uses SHA256 to generate its CA and per-host certificates
  • There is a new button at Proxy / Options / Proxy Listeners to force Burp to regenerate its CA certificate.
  • A bug in the "Paste from file" function which caused Burp to sometimes retain a lock on the selected file has been fixed.
  • A bug in the Intruder "extract grep" function, which sometimes caused extracted HTML content to be rendered as HTML in the results table, has been fixed.

See all release notes ›

Copyright © 2015 PortSwigger Ltd. All rights reserved.