Burp AI capabilities

Burp AI introduces a number of AI-powered capabilities designed to accelerate your workflow, reduce human error, and help you focus on the tasks that require your human expertise and intuition.
image

Explainer: Instant AI-powered insights

No more context-switching - get AI-powered, security-focused insights, directly in Burp Repeater.

Bridge knowledge gaps

Quickly research unfamiliar HTTP headers, cookies, and other data and their potential security implications.

Quickly decipher code

Ask Burp AI to explain client-side JavaScript to you, so you can quickly understand what the code is doing, and whether it warrants deeper manual investigation, without having to decipher it line-by-line.

Reduce context-switching

Eliminate the need to switch between Burp and external information sources to look things up.
image

Explore issue: Automated vulnerability analysis

Performing follow-up analysis on issues identified by scan to validate them and demonstrate impact can be tedious and time-consuming. Let Burp AI investigate scanner-identified issues just like a pentester would.

Cover more ground

By outsourcing some of the issue analysis to AI, you can choose to focus your time and effort where you feel it's most valuable.

Demonstrate and escalate impact

Burp AI attempts to leverage the vulnerability to exfiltrate sensitive data, reach additional attack surface, and identify escalation paths, automatically generating PoCs on your behalf.

Stay in control

Burp AI provides step-by-step insights into what it's attempting at each stage, along with an executive summary of the findings so far. You can intervene at any point, whether it's to take over manually or simply because you feel the issue has been explored sufficiently.
image

Free Burp AI credits - start experimenting today!

Experiment with AI-powered features at no additional cost. Simply update Burp Suite Professional to 2025.2 to receive 10,000 free AI credits.UPDATE TO LATEST VERSION

AI-powered false positive reduction

Sifting through false positives can be a huge drain on already stretched AppSec teams. By leveraging Burp AI to perform advanced analysis, Burp Scanner is able to intelligently filter out false positives before they're reported. Note that this feature is currently only available for the Broken Access Control scan check.

Automate testing for broken access controls

Testing for access control vulnerabilities is repetitive and tedious, but has traditionally proved challenging to automate reliably. Using AI-powered false positive reduction, Burp Scanner can now detect broken access controls with significantly more accuracy.

Less noise, more signal

Spend less time chasing dead ends and focus on investigating real vulnerabilities.

Validation before reporting

Burp AI helps validate access control issues before they're reported, ensuring you don't get distracted by an overwhelming to-do list of irrelevant findings.
image

AI-powered extensions

With new updates to the Montoya API, you can integrate AI-powered functionality to build smarter, more powerful extensions.

Take advantage of your free bundle of AI credits and start experimenting today.
READ MORE

Burp AI FAQs

Is Burp AI replacing pentesters?
No. Burp AI enhances efficiency but does not replace human expertise.
Will AI leak my sensitive data?
No. Your data stays within PortSwigger’s secure AI platform and is never stored by the AI service provider or used for model training purposes.
Can I disable AI?
Yes. AI features can be fully disabled from Burp Suite’s settings.
Can I use Burp AI offline?
Not currently, but we may explore local model options based on demand.

Join the official PortSwigger Community

Chat with Burp developers and researchers

Connect with the people behind Burp Suite, ask questions, share insights and get advice from experts.

Exclusive events

Gain access to members-only events, including live demos, deep dives and Q&A sessions with our developers and security researchers.

Feature previews and much more

Be the first to see what's coming next - get sneak peeks of upcoming features, new tools and other exciting updates exclusive to the PortSwigger Discord.
image