Hacking with Burp AI in the Chesspocalypse: API expert Corey Ball showcases how Burp AI can support pentesters.

AI isn’t just reshaping cybersecurity - it’s challenging testers to rethink their entire playbook.

In his latest article, “Hacking with Burp AI in the Chesspocalypse”, API expert Corey Ball draws lessons from chess’s own AI revolution, where Garry Kasparov’s legendary match with Deep Blue marked not the end of human mastery—but the beginning of human-machine collaboration. Today, that same transformation is happening in cybersecurity, and over in Burp Suite Professional with Burp AI.

Read the full article over on hAPI Labs blog.

How can Burp AI be used?

In Hacking with Burp AI in the Chesspocalypse, Corey puts Burp AI through its paces on training targets, treating it like a digital sparring partner rather than a hands-off autopilot. He demonstrates how Burp AI can analyze requests, identify potential vulnerabilities, and iterate intelligently through testing scenarios.

For example, when SQL injection attempts fail, Burp AI pivots automatically to test for NoSQL injection, eventually uncovering a critical flaw that exposes coupon data. Corey uses these moments to show how Burp AI can act as a mentor for new testers by explaining findings and setting up attack configurations.

Corey’s dive into Burp AI is a glimpse at how human intuition and AI-supported testing can combine to raise the standard of AppSec. Read more in this article.

What does this mean for me as a pentester?

Enter Burp AI, PortSwigger’s new agentic AI-powered assistant inside Burp Suite.

Rather than replacing testers, Burp AI augments them - analyzing behavior, surfacing vulnerabilities, and even explaining complex findings in plain language. It’s the “chess engine” for web app hacking: a partner that helps you test smarter, learn faster, and refine your strategy.

From “help me with this”, all the way to “conduct in-depth analysis”, prompting Burp AI helps you push through roadblocks - all while you stay in control. Imagine having an AI-powered security expert at your side at all times: one who reduces time-to-insight and time-to-impact, so you can focus on the creative, high-value parts of testing.

Learn more about Burp AI.

Ready to get started?

Update to the latest version of Burp Suite Professional, head to Settings → AI, and enable Burp AI. If you’re new to Burp Suite Professional, you’ll get 10,000 free credits to start experimenting with Burp AI right away.

You’ll be working side-by-side with an intelligent testing companion because, just like chess, cybersecurity doesn’t end when AI joins the game - it evolves.

Amelia Coen