Your agentic AI partner in Burp Suite - Discover Burp AI now           
Read More
Portswigger Logo
Burp Suite DAST The enterprise-enabled dynamic web vulnerability scanner.
Burp Suite Professional The world's #1 web penetration testing toolkit.
Burp Suite Community Edition The best manual tools to start web security testing.
View all product editions
Burp Scanner Burp Suite's web vulnerability scanner Featured Article
Attack surface visibility Improve security posture, prioritize manual testing, free up time.
CI-driven scanning More proactive security - find and fix vulnerabilities earlier.
Application security testing See how our software enables the world to secure the web.
DevSecOps Catch critical bugs; ship more secure software, more quickly.
Penetration testing Accelerate penetration testing - find more bugs, more quickly.
Automated scanning Scale dynamic scanning. Reduce risk. Save time/money.
Bug bounty hunting Level up your hacking and earn more bug bounties.
Compliance Enhance security monitoring to comply with confidence.
View all solutions
Burp Scanner Burp Suite's web vulnerability scanner Featured Article
Research Academy
Support Center Get help and advice from our experts on all things Burp.
Documentation Tutorials and guides for Burp Suite.
Get Started - Professional Get started with Burp Suite Professional.
Get Started - Enterprise Get started with Burp Suite Enterprise Edition.
User Forum Get your questions answered in the User Forum.
Downloads Download the latest version of Burp Suite.
Visit the Support Center
Downloads Download the latest version of Burp Suite Featured Article
Burp AI AI Capabilities Burp AI News Privacy & Security Burp Suite Professional
Burp AI
AI Capabilities
Burp AI News
Privacy & Security
Burp Suite Professional
Get certified
Get certified
How to prepare
How it works
Practice exam
What the exam involves
FAQs

Burp AI capabilities

Burp AI introduces a number of AI-powered capabilities designed to accelerate your workflow, reduce human error, and help you focus on the tasks that require your human expertise and intuition.
Portswigger Culture Hero Image

Explainer: Instant AI-powered insights

No more context-switching - get AI-powered, security-focused insights, directly in Burp Repeater.

Bridge knowledge gaps

Quickly research unfamiliar HTTP headers, cookies, and other data and their potential security implications.

Quickly decipher code

Ask Burp AI to explain client-side JavaScript to you, so you can quickly understand what the code is doing, and whether it warrants deeper manual investigation, without having to decipher it line-by-line.

Reduce context-switching

Eliminate the need to switch between Burp and external information sources to look things up.
Portswigger Culture Hero Image

Explore issue: Automated vulnerability analysis

Cover more ground

By outsourcing some of the issue analysis to AI, you can choose to focus your time and effort where you feel it's most valuable.

Demonstrate and escalate impact

Burp AI attempts to leverage the vulnerability to exfiltrate sensitive data, reach additional attack surface, and identify escalation paths, automatically generating PoCs on your behalf.

Stay in control

Burp AI provides step-by-step insights into what it's attempting at each stage, along with an executive summary of the findings so far. You can intervene at any point, whether it's to take over manually or simply because you feel the issue has been explored sufficiently.
Portswigger Culture Hero Image

AI-powered false positive reduction

Automate testing for broken access controls

Testing for access control vulnerabilities is repetitive and tedious, but has traditionally proved challenging to automate reliably. Using AI-powered false positive reduction, Burp Scanner can now detect broken access controls with significantly more accuracy.

Less noise, more signal

Spend less time chasing dead ends and focus on investigating real vulnerabilities.

Validation before reporting

Burp AI helps validate access control issues before they're reported, ensuring you don't get distracted by an overwhelming to-do list of irrelevant findings.
Portswigger Culture Hero Image

AI-generated login sequences

Simplified scan setup

Instantly generate recorded login sequences instead of manually navigating login flows in the browser.

Reliable authenticated scanning

Avoid common pitfalls of manual recording, such as missed interactions or unrecognized input methods, ensuring successful authentication during scans. Ensure Burp Suite can reliably access and scan authenticated areas, reducing blind spots in your security assessments.
Portswigger Culture Hero Image

Burp AI FAQs

Is Burp AI replacing pentesters?

No. Burp AI enhances efficiency but does not replace human expertise.

Will AI leak my sensitive data?

No. Your data stays within PortSwigger’s secure AI platform and is never stored by the AI service provider or used for model training purposes.

Can I disable AI?

Yes. AI features can be fully disabled from Burp Suite’s settings.

Can I use Burp AI offline?

Not currently, but we may explore local model options based on demand.

Join the official PortSwigger Community

Chat with Burp developers and researchers

Connect with the people behind Burp Suite, ask questions, share insights and get advice from experts.

Exclusive events

Gain access to members-only events, including live demos, deep dives and Q&A sessions with our developers and security researchers.

Feature previews and much more

Be the first to see what's coming next - get sneak peeks of upcoming features, new tools and other exciting updates exclusive to the PortSwigger Discord.
Portswigger Culture Hero Image