MCP Server

Integrates Burp Suite with AI clients using the Model Context Protocol (MCP). This extension exposes Burp functionality through an MCP server, enabling AI assistants to perform security testing tasks, analyze traffic, and interact with Burp tools programmatically.

For more information about the protocol, visit modelcontextprotocol.io

Note: Any data sent to external tools via this extension is subject to their data processing policies.

Features

• Send HTTP/1.1 and HTTP/2 requests directly from AI clients with security controls
• Access and filter proxy history (HTTP and WebSocket) with regex support
• Generate and poll Burp Collaborator payloads for out-of-band testing (Professional only)
• Create Repeater tabs and send requests to Intruder
• Export and modify project and user configuration via JSON
• Control proxy intercept, task execution engine, and message editor contents
• Built-in encoding utilities (URL, Base64) and random string generation
• Automatic Claude Desktop installation with packaged stdio proxy server
• Configurable target approval system for HTTP requests and history access

Usage

1. Navigate to the "MCP" tab and enable the MCP server.
2. Configure security settings including auto-approve targets and configuration editing permissions.
3. Use the installer button to automatically configure Claude Desktop, or manually configure your MCP client to connect to http://127.0.0.1:9876 (SSE mode) or use the packaged stdio proxy server.
4. Interact with Burp through your AI client using the available MCP tools.

Copyright © 2025-2026 PortSwigger Ltd.