ProfessionalCommunity Edition

Analyzing opaque data with Burp Suite

  • Last updated: July 10, 2025

  • Read time: 1 Minute

Applications often transmit opaque data that isn't human-readable. Often, this is because the data is encoded or encrypted. For example, session-handling mechanisms often include opaque tokens, such as session tokens or anti-CSRF tokens. When opaque data is transmitted, the server-side application checks the integrity of the data, and may decrypt or decode it to process its plaintext value.

Burp Suite provides a number of features that can help you work with opaque data more easily. For example, you can use Burp to decode data or to edit the data contents.