Last updated: August 3, 2021
Read time: 6 Minutes
If you are new to Burp and are having problems, please first read the help on Getting Started with Burp Suite, and follow the instructions there. Otherwise, the problems and solutions below might help you.
Make sure you have a suitable version of Java installed. Then start Burp from the command line. Look at any error messages or other output that appears on the command line, which should indicate the cause of the problem.
When running Burp from the command line, make sure you have included the
-jar argument followed by the location of the Burp JAR file. If you're still having problems, check that your command is launching the correct version of Java. Run the command
java -version and confirm that the version being executed is 1.8 or later. If you have installed a later version of Java but an older version is still being executed, then replace "java" with an absolute path to the correct java executable on your system. If you're still having problems, your Java installation might be corrupted, so reinstall it.
If you get this error message when trying to launch Burp with a Burp Extender plugin, then check that your BurpExtender class is declared in the burp package, and resides inside a folder called burp within your extension's JAR file.
You don't need to unpack or unzip the Burp JAR file. This probably happened because your computer is associating the .JAR file extension with some archiving software. You can change this association to associate with Java, or better, you can start Burp from the command line.
If your browser is always waiting and not showing any actual content, then please try the following steps. After each step, check whether you are still having problems, and only continue to the next step if things are not working.
In Burp, go to the Proxy tab, and the History sub-tab. Make some more requests from your browser (e.g. press refresh a few times), and check whether any new entries are appearing in the Proxy history. If so, then Burp is processing your browser traffic but is not presenting any messages for interception. Go to the Proxy Intercept tab, and enable master interception (click on the "Intercept is off" button to toggle the interception status). Then go to the Proxy Options tab, and click the "Restore defaults" button in the "Intercept Client Requests" and "Intercept Server Responses" sections. Make some more requests from your browser, and these should now appear in the Proxy Intercept tab.
If your browser is loading pages correctly but no items are appearing in the Proxy history, you need to check your browser proxy settings. Your browser should be configured to use Burp for both HTTP and HTTPS; any "automatic" proxy options should be disabled, and any "exceptions" to the proxy settings should be removed. If you are unsure, follow carefully the steps in Configuring Your Browser to ensure your browser is correctly set up.
If your browser is sending HTTP requests through Burp, but not HTTPS requests, then your browser is probably configured to proxy only HTTP. Check in your browser proxy settings that the browser is configured to use Burp for both protocols. If you are unsure, follow carefully the steps in Configuring Your Browser to ensure your browser is correctly set up.
If your browser is able to load HTTPS websites via Burp, but these do not function properly (e.g. the user interface is not complete or fully functional), then the application is probably attempting to load script code or other resources over HTTPS from another domain, and your browser is generating a security alert when loading these resources via Burp. You need to install Burp's CA certificate in your browser, to ensure that applications using HTTPS function properly.
If the application you are testing uses platform authentication (which normally shows as a popup login dialog within your browser), and you get authentication failure messages when your browser is configured to use Burp, then you need to configure Burp to handle the platform authentication instead of your browser. Go to the Options tab, and the Connections sub-tab, and the Platform Authentication section. Add a new entry for each hostname used by your application, configuring the authentication type and your credentials. If you aren't sure of the authentication type, then first try NTLMv2, then NTLMv1, and then the other types. You may need to close all browser windows and open a new browser window, to prevent any browser caching from interfering with the authentication process.
See Troubleshooting performance details for more details.
You can launch an automated crawl-and-audit scan simply by clicking "New scan" on the Burp dashboard and supplying the start URL. You can also launch scans in various other ways. See Scanning web sites for more details.
This issue could be due to your computer's firewall rules. Ensure that they are configured to allow connections from your mobile device.
Also, see the Support Center articles on configuring mobile devices to work with Burp.
Try starting Burp Suite with these settings:
start javaw -Dsun.java2d.d3d=false -Dsun.java2d.noddraw=true -jar burpsuite_pro_vXXXX.X.jar.