Support
Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Burp Suite Professional and Community editions Burp Suite Enterprise Edition
Burp Scanner Burp Collaborator
Burp Infiltrator Full Documentation Contents
Extensibility
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility
  1. Support Center
  2. Documentation
  3. Enterprise Edition
  4. Reference
  5. Agents

Agents

The agents page shows the computers that are configured as agents. For each agent, various details are shown including its name, IP address, health status, and agent count.

The filter bar lets you show or hide agents based on particular features; for example, only showing agents that are currently running scans.

Hovering the mouse over an agent shows contextual options for that agent, such as disabling or deauthorizing it.

You can click into an agent to see more details.

Agent counts

Each agent computer is configured with an agent count. This is the maximum number of logical agents that can run on that computer. Each logical agent can be occupied carrying out a single scan at any given time. So if you configure an agent count of 6, then up to 6 scans might be run in parallel on that computer.

Burp Suite Enterprise Edition is licensed for a specified number of agents. You can install as many agents on as many computers as you wish. But the total number of logical agents that will actually be used at any moment is limited to the number in your license. For example:

Viewing agent details

Clicking into an individual agent lets you see more details:

Agent authorization requests

After an agent has been installed on a new machine, it needs be authorized before it can be used. The "Authorization requests" tab shows agent computers that are not yet authorized. The following details are displayed for each unauthorized agent

When you are satisfied that an authorization request is legitimate, click "Authorize". The new agent will then appear in the "Agents" tab and will be available to perform scans.

Agent fingerprints

Communication between agents and the Enterprise server is protected by mutually authenticating TLS. The fingerprint identifies the public key of the agent and provides some assurance that communication is happening directly with the authentic agent. The installation process for an agent generates a public/private key pair and outputs the fingerprint of the public key. When the Enterprise server receives an authorization request from a new agent, it determines the fingerprint from the key that was used in the TLS negotiation confirm this. You should verify that the fingerprint that is displayed for the authorization request matches the fingerprint that was displayed during installation.

back-to-top