login

Burp Suite, the leading toolkit for web application security testing

Burp Suite Pro contains the following key components:

  • Intercepting proxy
  • Application-aware spider
  • Web application scanner
  • Advanced fuzzing tools
  • Session token analysis
  • Powerful extensibility
  • Numerous engagement tools

"Burp Suite Pro is my web app assessment tool-of-choice. It has made my life and my job easier so I can be more efficient."

Jed Mitten, Senior Security Consultant, MANDIANT

"We tried the others, but keep coming back to Burp Suite Pro. Nothing comes near it for application security testing."

Steve Lord, Mandalorian

Read more Success Stories ›

Tuesday, July 26, 2016

Introducing Burp Infiltrator

The latest release of Burp Suite introduces a new tool, called Burp Infiltrator. Burp Infiltrator is a tool for instrumenting target web applications in order to facilitate testing using Burp Scanner. Burp Infiltrator modifies the target application so that Burp can detect cases where its input is passed to potentially unsafe APIs on the server side. In industry jargon, this capability is known as IAST (interactive application security testing).

Read the full blog entry ›

Tuesday, July 26, 2016

1.7.04

Burp Infiltrator is a tool for instrumenting target web applications in order to facilitate testing using Burp Scanner. Burp Infiltrator modifies the target application so that Burp can detect cases where its input is passed to potentially unsafe APIs on the server side. The initial release of Burp Infiltrator supports applications written in Java or other JVM-based languages such as Groovy. Java versions from 4 and upwards are supported. In future, Burp Infiltrator will support other platforms such as .NET.

See all release notes ›

Copyright © 2016 PortSwigger Ltd. All rights reserved.