Doing More With Burp
There are extensive resources on this site and elsewhere to help you
learn more about Burp Suite, and take your web application testing to
the next level:
- The best place to start is the
Support Center, where you can read numerous articles
about using Burp, and join the community discussions with thousands
of other active Burp users.
- If you want to learn more about getting the best out of Burp,
you should read the extensive Burp Suite
This includes a full reference for all of Burp's features and
configuration options, together with getting started guides and examples
workflow and use-cases.
- If you are new to web application security, or looking to develop your
existing knowledge, a great resource is
The Web Application Hacker's
Handbook. Co-authored by the creator of Burp, this book is a practical guide
to finding and exploiting security flaws in web applications, and aims to be
the most deep and comprehensive general purpose guide to hacking web
applications that is currently available.
- If you are looking for more practical experience in security testing of web
applications, you could attend a Burp Suite training
course from one of our training partners. These courses provide
hands-on training on how to use Burp Suite to find real-world
vulnerabilities, with a range of options from beginner to expert
Monday, October 19, 2015
This release updates Burp to include a security fix in the BlazeDS library that Burp uses for parsing AMF messages, and disables AMF support by default.
Burp's cookie jar has been updated to support the cookie path attribute.
The functions to save and restore state now include options for handling the unique identifier that Burp uses to track interactions with Burp Collaborator.
See all release notes ›