Professional

Document My Pentest

Document My Pentest creates a description of whatever you are trying to test. Whether you're probing for path traversal, SQL injection, XSS, or other vulnerabilities, Document My Pentest tries to understand what you are doing and documents it for you.

Features

  • AI-generated notes based on your testing activity.
  • Works seamlessly with Repeater and Proxy History items.
  • Notes are editable for accuracy and customization.
  • If configured, automatically sends notes to Organizer.

Usage

Repeater

  1. Use Repeater as you normally would while testing a target.
  2. When you're ready to document your work, simply right-click and select "Extensions -> Document My Pentest -> Document my work".
  3. The AI will generate notes for you automatically.

Proxy History

You can also right-click on item(s) in the Proxy History and document a pen test as separate requests or as a collection of requests and responses.

  • Select "Extensions -> Document My Pentest -> Document my work (separately)" to create notes on each request and response as a separate attack.
  • Select Extensions -> Document My Pentest -> Document my work (as collection) to combine notes for all selected items into the last selected entry.

Automatic documentation

  • Enable "Document My Work -> Settings -> Auto invoke after Repeater requests".
  • Enable "Document My Work -> Settings -> Auto send notes to Organizer".

Corrections

AI isn't flawless - sometimes it gets things wrong. You can manually edit the generated notes to make corrections as needed.


Copyright © 2025 PortSwigger Ltd.

Author

Author

Gareth Heyes, PortSwigger

Version

Version

1.0.0

Rating

Rating

Popularity

Popularity

Last updated

Last updated

22 April 2025

Estimated system impact

Estimated system impact

Overall impact: Empty

Memory
Empty
CPU
Empty
General
Empty
Scanner
Empty

You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.

You can view the source code for all BApp Store extensions on our GitHub page.

Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.

Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.

Go back to BappStore

Note:

Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.