Burp Suite Community Edition Terms and Conditions of Supply
IMPORTANT NOTICE: PLEASE READ THESE TERMS & CONDITIONS OF SUPPLY AND THE LICENCE AGREEMENT REFERRED TO HEREIN BEFORE DOWNLOADING ANY SOFTWARE FROM THIS WEBSITE
These Terms & Conditions of Supply constitute the terms and conditions on which PortSwigger Ltd offers to grant to you a licence to use the software comprising Burp Suite Community Edition (Burp Suite Community Edition or the Software)
1. Burp Suite Community Edition is available to download here (/burp/communitydownload).
2. Downloading Burp Suite Community Edition shall constitute conclusive evidence that you have downloaded the Software on the basis of these Terms & Conditions of Supply.
3. By downloading Burp Suite Community Edition, you will be bound by, and deemed to have knowledge of all of the terms of the Burp Suite Community Edition Licence which are incorporated into these Terms & Conditions of Supply.
4. These Terms & Conditions of Supply are governed by and construed in accordance with English Law and are subject to the exclusive jurisdiction of the English Courts.
Burp Suite Community Edition Licence Agreement
This licence agreement which incorporates the General Terms and Conditions [downloaded herewith] (Licence) is a legal agreement between you (Licensee or you) and PORTSWIGGER LTD of Victoria Court, Bexton Road, Knutsford, WA16 0PF England (Licensor or we) for a suite of tools designed for web application security testers (Burp Suite Community Edition or Software), which includes computer software, and the online documentation current at the date of the download of this Licence (Documentation).
THE DOCUMENTATION CONTAINS THE SYSTEM REQUIREMENTS TO RUN BURP SUITE COMMUNITY EDITION . BY INSTALLING THE SOFTWARE YOU AGREE TO THE TERMS OF THE LICENCE AND THE BURP SUITE COMMUNITY EDITION TERMS AND CONDITIONS OF SUPPLY OF THE LICENSOR WHICH WILL BIND YOU AND YOUR EMPLOYEES. IF YOU DO NOT AGREE TO THE TERMS OF THIS LICENCE AND THE BURP SUITE COMMUNITY EDITION TERMS AND CONDITIONS OF SUPPLY, WE ARE UNWILLING TO LICENSE THE SOFTWARE TO YOU AND YOU MUST DISCONTINUE THE INSTALLATION PROCESS NOW. IN THIS CASE THE INSTALLATION WILL TERMINATE.
WARNING: BURP SUITE COMMUNITY EDITION IS DESIGNED TO TEST FOR SECURITY FLAWS AND CAN DO DAMAGE TO TARGET SYSTEMS DUE TO THE NATURE OF ITS FUNCTIONALITY. TESTING FOR SECURITY FLAWS INHERENTLY INVOLVES INTERACTING WITH TARGETS IN NON-STANDARD WAYS WHICH CAN CAUSE PROBLEMS IN SOME VULNERABLE TARGETS. YOU MUST TAKE DUE CARE WHEN USING THE SOFTWARE, YOU MUST READ ALL DOCUMENTATION BEFORE USE, YOU SHOULD BACK UP TARGET SYSTEMS BEFORE USE AND YOU SHOULD NOT USE THE SOFTWARE ON PRODUCTION SYSTEMS OR OTHER SYSTEMS FOR WHICH THE RISK OF DAMAGE IS NOT ACCEPTED BY YOU.
1. GRANT AND SCOPE OF LICENCE
1.1 In consideration of you agreeing to abide by the terms of this Licence, the Licensor hereby grants to you a non-exclusive, non-transferable licence to use the Software and the Documentation on the terms of the Licence.
1.2 You may either:
1.2.1 download, install and use the Software and Burp Apps (as defined in the General Terms and Conditions, condition 5,) for your internal business purposes (which includes bespoke client consultancy, if appropriate) only; and
18.104.22.168 make one copy of the Software for back-up purposes only, provided that this is necessary for the activities permitted under condition 1.2.1;
22.214.171.124 receive and use any free supplementary software code or update of the Software incorporating "patches" and corrections of errors as may be provided by the Licensor from time to time on the basis that they are governed by the terms of the Licence;
126.96.36.199 use any Documentation in support of the use permitted under condition 1.2.1 and make such numbers of copies of the Documentation as are reasonably necessary for its lawful use; and
188.8.131.52 analyse the behaviour and performance of the documented functionality of the Software and any Burp Apps (defined as aforesaid) and disclose the findings of such analysis to any party provided that such findings are provided simultaneously and in identical form to the Licensor; or
1.2.2 transfer the Software to an end-user only provided that you procure that the end-user is bound by the terms of this Licence Agreement for the benefit of the Licensor and that you indemnify the Licensor against all costs (including legal costs) charges and expenses incurred by the Licensor as a result of the failure by you to comply with the provisions of this paragraph and/or the transfer by you of the Software to the end-user.
1.3 If you are an end-user who has obtained lawfully the Software other than by direct acquisition from the Licensor you may carry out the functions on the terms specified in condition 1.2.1 above and you agree to be bound by this Licence Agreement directly in favour of the Licensor.
2. LICENSOR'S LIABILITY
2.1 Subject to the Warranty given in the General Terms and Conditions, condition 9.1, the Licensor's maximum aggregate liability under or in connection with this Licence, or any collateral contract, whether in contract, tort (including negligence) or otherwise, shall be limited to £50.
GENERAL TERMS AND CONDITIONS
These terms and conditions are applicable to and form part of the Licence entered into between you and the Licensor for the Software and apply, unless the context otherwise requires, whether the Software has been acquired either directly or indirectly by way of free download, pre-purchase or purchase on credit, free trial or by way of free licence for training purposes.
Unless the context otherwise requires words and expressions used in the Licence shall have the same meanings when used in these terms and conditions.
1. LICENSEE'S WARRANTY AND UNDERTAKINGS
1.1 You warrant that you are not purchasing the Software as a consumer, but will be using the Software in your business and that you are duly authorised by your business to acquire the Software.
1.2 Except as expressly set out in the Licence or as permitted by any local law, you undertake:
1.2.1 not to use the Software, the Documentation or any Burp Apps for any unlawful purposes, particularly as the Software contains functionality that can be used to attack and compromise computer systems;
1.2.2 to keep confidential any credentials provided by the Licensor enabling you to log in to the Licensor’s server (for the purposes of downloading product builds and licence keys and to perform product activation, to create Extensions (as defined in condition 5), or to access the Burp Collaborator server;
1.2.3 to obtain all necessary authorisations from system owners prior to using the Software or any Burp Apps thereon;
1.2.4 unless agreed by the Licensor not to copy the Software or Documentation except where such copying is incidental to normal use of the Software, or where it is necessary for the purpose of back-up or operational security;
1.2.5 subject to the provisions of condition 5, not to rent, lease, sub-license, loan, translate, merge, adapt, vary or modify the Software or Documentation;
1.2.6 subject to the provisions of condition 5, not to make alterations to, or modifications of, the whole or any part of the Software, nor permit the Software or any part of it to be combined with, or become incorporated in, any other programs;
1.2.7 not to disassemble, decompile, reverse engineer or create derivative works based on, the whole or any part of the Software nor attempt to do any such thing except to the extent that (by virtue of section 296A of the Copyright, Designs and Patents Act 1988) such actions cannot be prohibited because they are essential for the purpose of achieving inter-operability of the Software with another software program, and provided that the information obtained by you during such activities:
184.108.40.206 is used only for the purpose of achieving inter-operability of the Software with another software program; and
220.127.116.11 is not unnecessarily disclosed or communicated without the Licensor's prior written consent to any third party; and
18.104.22.168 is not used to create any software which is substantially similar to the Software;
1.2.8 to supervise and control use of the Software and ensure that the Software is used by your employees and representatives in accordance with the terms of the Licence;
1.2.9 to replace the current version of the Software with any updated or upgraded version or new release provided by the Licensor under the terms of the Licence immediately on receipt;
1.2.10 unless agreed by the Licensor not to copy the Software or Documentation except where such copying is incidental to normal use of the Software, or where it is necessary for the purpose of back-up or operational security;
1.2.11 to keep all copies of the Software secure and to maintain accurate and up-to-date records of the number of locations of all copies of the Software;
1.2.12 to include the copyright notice of the Licensor on all entire and partial copies you make of the Software on any medium;
1.2.13 not to provide or otherwise make available the Software in whole or in part (including but not limited to program listings, object and source program listings, object code and source code), in any form to any person other than your employees without prior written consent from the Licensor;
1.2.14 unless specifically authorised by us in writing, not to use the Software as part of an automated service offering to third parties;
1.2.15 not to engage in any activity, practice or conduct which would constitute an offence under sections 1, 2, or 6 of the Bribery Act 2010, if such activity, practice or conduct had been carried out in the UK;
1.2.16 to be responsible for all liability claims, actions, or causes of action, together with the legal costs of the Licensor in bringing the same, arising by reason of or in any way relating to your actions or activities of yourself, your employees, agents, or contractors under the Licence.
2. SUPPORT AND UPGRADES
2.1 The downloading of a licence for the Software entitles you to free product support at the Licensor's sole discretion.
2.2 If new releases of the Software are offered for sale, these may be made available free of charge to you for the duration of your Licence provided that you enter into a new licence agreement in respect of such new release.
3. BURP COLLABORATOR
3.1 The Licensor has developed Burp Collaborator which is a component of the Software’s automated and manual testing tools. Burp Collaborator involves the Licensee deploying a system on the public web (the "Collaborator Server") which acts as the recipient of third-system interactions that may be triggered by payloads that the Software sends to target systems enabling the detection of certain types of vulnerability. A full description of the functionality of Burp Collaborator forms part of the Documentation if it applies to the version of the Software you have downloaded.
3.2 The functionality of Burp Collaborator gives rise to issues that require careful consideration by the Licensee as fully set out in the Documentation. By utilising any features of the Software that may cause interaction with Burp Collaborator, the Licensee will be deemed to have read the relevant Documentation, fully understood the functionality and the alternative methods of utilisation of Burp Collaborator and considered the consequences of utilisation for its organisation and as a result of such consideration has decided that Burp Collaborator, in the form utilised by it, is suitable and appropriate for use by it. The Licensor considers Burp Collaborator to be efficacious in identifying vulnerabilities of the target website in connection with third-system interactions, but the Licensee must make its own evaluation before using the Burp Collaborator Server in one of the alternative manners set out in the Documentation if it applies to the version of the software you have downloaded.
3.3 Where you use the Burp Collaborator server as part of a bespoke consultancy permitted under the terms of the Licence, by doing so you warrant to the Licensor that you have recommended the client to use the Burp Collaborator server in accordance with the terms of the Documentation and the client has instructed you to use the same having discussed with you the contents of the Documentation relating thereto.
3.4 You acknowledge and accept that by utilising the Burp Collaborator server either on your own behalf or on behalf of your client pursuant to a bespoke consultancy, we could be a Sub-Processor of your client’s personal data under the provisions of the General Data Protection Regulation (Regulation (EU) 2016/679). If we do act as a Sub-Processor, we shall handle your or your client’s data in accordance with our Privacy Notice and as set out in the Documentation relating to Burp Collaborator.
4. BURP INFILTRATOR
4.1 The Licensor has developed Burp Infiltrator which is a component of the Software for instrumenting deployed applications in order to facilitate testing using the Software. Burp Infiltrator involves the Licensee deploying or procuring deployment of the Infiltrator component within the target system which enhances the ability of the Software to detect certain types of vulnerability. A full description of the functionality of Burp Infiltrator forms part of the Documentation if it applies to the version of the Software you have downloaded.
4.2 The functionality of Burp Infiltrator gives rise to issues that require careful consideration by the user as fully set out in the Documentation. By deploying or procuring deployment of the Infiltrator tool, the Licensee will be deemed to have read the relevant Documentation, fully understood the functionality of Burp Infiltrator and considered the consequences of utilisation for its organisation and any bespoke consultancy clients of the Licensee and, as a result of such consideration, has decided that Burp Infiltrator is suitable and appropriate for use by it and by any client of the Licensee. The Licensor considers Burp Infiltrator to be efficacious in helping to identify vulnerabilities of the target website, but the Licensee must make its own evaluation before utilising Burp Infiltrator in the manner set out in the Documentation.
4.3 If the Licensee causes its client to install Burp Infiltrator as part of a bespoke consultancy permitted under the terms of the Licence, by so doing it warrants to the Licensor that it has recommended to the client to install Burp Infiltrator on its system and has discussed with the client the contents of the Documentation relating thereto and the potential consequences of such installation.
5.1 In the Licence Agreement "Extension" means all programming additions made by a Licensee or on his behalf or with his concurrence to the Software using the Burp Extender API (as hereinafter defined) to either
5.1.1 extend the functionality of the Software or any other software produced by the Licensor; or
5.1.2 enable the Software or any other software produced by the Licensor to inter-operate with other software;
but not to copy, clone, reproduce or emulate any existing feature of any software produced by the Licensor;
and "Burp App" or "BApp" means an Extension adopted by the Licensor pursuant to this clause.
5.2 "Burp Extender API" means the official Burp Extender application programming interface available as part of the Documentation.
5.3 Extensions may be created for the use of the Licensee Provided that if any such Extension is published (which, for the avoidance of doubt, shall include sharing such Extension with another Licensee or a third party unless the party to which the Extension is provided is either a client of the Licensee and the relevant Extension has been created for use on an engagement for that or another client of the Licensee, or another Licensee within your organisation) the Licensee shall notify the Licensor and provide to it a copy of such Extension and the Licensee agrees that any such Extension shall, at the option of the Licensor, become either
5.3.1 a Burp App; or
5.3.2 part of the Software.
5.4 When the creation of an Extension is notified to the Licensor or shared publicly and comes to the attention of the Licensor the Licensor has the option to make the Extension a Burp App (Burp App, or BApp) after having carried out the necessary checks to ensure that the Extension is efficacious and suitable for use with the Software.
5.5 The Licensor has established the BApp Store product feature where Burp Apps are described and may be downloaded without charge for use as an Extension.
5.6 By designating an Extension a Burp App the Licensor warrants that the Extension has been checked by the Licensor and has been deemed suitable for use with the Software.
5.7 All Extensions and Burp Apps remain the property of the author but by creating such Extension, the author has granted an irrevocable perpetual licence free of charge to the Licensor to incorporate such Extension in the Software at the Licensor's option and an irrevocable perpetual licence free of charge to all Licensees who download the Burp App from the BApp Store.
5.8 If, at the sole option of the Licensor, the Licensor incorporates an Extension into the Software a notice will be placed on the BApp Store to that effect.
5.9 The Licensor retains the right without incurring any liability to the Licensee to disable without notice any Burp App being used by the Licensee where the Licensor considers in its sole discretion that use of such Burp App with the Software is problematical.
6. THIRD PARTY SOFTWARE
The Software may make use of third party technology that is provided with the Software. We may provide certain notices to you in the Documentation, readmes or notice files in connection with such third party technology. Third party technology will be licensed to you either under the terms of this License or, if specified in the Documentation, readmes or notice files, under separate terms.
7. INTELLECTUAL PROPERTY RIGHTS
7.1 You acknowledge that all intellectual property rights in the Software and the Documentation anywhere in the world belong to the Licensor, that rights in the Software are licensed (not sold) to you, and that you have no rights in, or to, the Software or the Documentation other than the right to use them in accordance with the terms of the Licence.
7.2 You acknowledge that you have no right to have access to the Software in source code form.
7.3 The integrity of this Software is protected by technical protection measures (TPM) so that the intellectual property rights, including copyright, in the Software of the Licensor are not misappropriated. You must not attempt in any way to remove or circumvent any such TPM, nor apply or manufacture for sale or hire, import, distribute, sell or let for hire, offer or expose for sale or hire, advertise for sale or hire or have in your possession for private or commercial purposes any means the sole intended purpose of which is to facilitate the unauthorised removal or circumvention of such TPM.
8. LICENSOR'S WARRANTY
8.1 The Licensor warrants that for a period of 90 days from the date of purchase of the Software (Warranty Period) the Software will, when properly used, perform substantially in accordance with the functions described in the Documentation (provided that the Software is properly used on the computer and with the runtime environment for which it was designed as referred to in the Documentation). Burp Apps do not have the benefit of this warranty and the warranty in relation to Burp Collaborator is limited as set out in the Documentation as it relates to Burp Collaborator.
8.2 You acknowledge that the Software and the Burp Apps have not been developed to meet your individual requirements, and that it is therefore your responsibility to ensure that the facilities and functions of the Software as described in the Documentation and the facilities and functions of any Burp App meet your requirements.
8.3 You acknowledge that the Software and the Burp Apps may not be free of bugs or errors, and agree that the existence of minor errors shall not constitute a breach of the Licence.
8.4 If, within the Warranty Period, you notify the Licensor in writing of any defect or fault in the Software in consequence of which it fails to perform substantially in accordance with the Documentation, and such defect or fault does not result from you having amended the Software or used it in contravention of the terms of the Licence, the Licensor will, at its sole option, either repair or replace the Software, provided that you make available all the information that may be necessary to help the Licensor to remedy the defect or fault, including sufficient information to enable the Licensor to recreate the defect or fault.
9. LICENSOR'S LIABILITY
YOUR ATTENTION IS DRAWN PARTICULARLY TO THE PROVISIONS OF THIS CONDITION
9.1 Nothing in the Licence shall limit or exclude the liability of either party for death or personal injury resulting from negligence, fraud, fraudulent misrepresentation.
9.2 Subject to condition 9.1, the Licensor's liability for losses suffered by you arising out of or in connection with the Licence (including any liability for the acts or omissions of its employees, agents and subcontractors), whether arising in contract, tort (including negligence), misrepresentation or otherwise, shall not include liability for:
9.2.1 loss of turnover, sales or income;
9.2.2 loss of business profits or contracts;
9.2.3 business interruption;
9.2.4 loss of the use of money or anticipated savings;
9.2.5 loss of information;
9.2.6 loss of opportunity, goodwill or reputation;
9.2.7 loss of, damage to or corruption of software or data; or
9.2.8 any indirect or consequential loss or damage of any kind howsoever arising and whether caused by tort (including negligence), breach of contract or otherwise;
provided that this condition 9.2 shall not prevent claims for loss of or damage to your tangible property or any other claims for direct financial loss that are not excluded by any of categories 9.2.1 to 9.2.8 inclusive of this condition 9.2.
9.3 Subject to condition 9.1, condition 9.2 and condition 9.3, the Licensor's liability for infringement of third-party intellectual property rights shall be limited to breaches of rights subsisting in the UK.
9.4 The Licence sets out the full extent of the Licensor's obligations and liabilities in respect of the supply of the Software and Burp Apps. In particular, there are no conditions, warranties, representations or other terms, express or implied, that are binding on the Licensor except as specifically stated in the Licence. Any condition, warranty, representation or other term concerning the supply of the Software and Burp Apps which might otherwise be implied into, or incorporated in, the Licence, or any collateral contract, whether by statute, common law or otherwise, is hereby excluded to the fullest extent permitted by law.
10. PUBLICITY AND COMMUNICATION
10.1 By entering into the Licence you agree that we may refer to you as one of our customers internally and in externally published media and, where relevant, you grant your consent to the use of your logo for this purpose, unless you notify us in writing that we may not refer to you for such purpose. Any additional disclosure by us with respect to you shall be subject to your prior written consent.
10.4 Any questions, comments and requests regarding our data processing practices may be addressed to firstname.lastname@example.org.
11.1 The Licensor may terminate the Licence immediately by written notice to you if you commit a material or persistent breach of the Licence which you fail to remedy (if remediable) within 14 days after the service of written notice requiring you to do so.
11.2 Upon termination for any reason:
11.2.1 all rights granted to you under the Licence shall cease;
11.2.2 you must cease all activities authorised by the Licence;
11.2.3 you must immediately delete or remove the Software and any Burp Apps from all computer equipment in your possession, and immediately destroy or return to the Licensor (at the Licensor's option) all copies of the Software and Burp Apps then in your possession, custody or control and, in the case of destruction, certify to the Licensor that you have done so.
11.2.4 You must immediately pay to the Licensor any sums due to the Licensor under the Licence.
12. TRANSFER OF RIGHTS AND OBLIGATIONS
12.1 The Licence is binding on you and us, and on our respective successors and assigns.
12.2 You may not transfer, assign, charge or otherwise dispose of the Licence, or any of your rights or obligations arising under it, without our prior written consent.
12.3 We may transfer, assign, charge, sub-contract or otherwise dispose of the Licence, or any of our rights or obligations arising under it, at any time during the term of the Licence.
All notices given by you to us must be given to PortSwigger Ltd at email@example.com or Victoria Court, Bexton Road, Knutsford, WA16 0PF England. We may give notice to you at either the e-mail or postal address you provided to us when purchasing the Software. Notice will be deemed received and properly served immediately when posted on our website, 24 hours after an e-mail is sent, or three days after the date of posting of any letter. In proving the service of any notice, it will be sufficient to prove, in the case of a letter, that such letter was properly addressed, stamped and placed in the post and, in the case of an e-mail, that such e-mail was sent to the specified e-mail address of the addressee.
14. EVENTS OUTSIDE OUR CONTROL
14.1 We will not be liable or responsible for any failure to perform, or delay in performance of, any of our obligations under the Licence that is caused by events outside our reasonable control (Force Majeure Event).
14.2 A Force Majeure Event includes any act, event, non-happening, omission or accident beyond our reasonable control and includes in particular (without limitation) the following:
14.2.1 strikes, lock-outs or other industrial action;
14.2.2 civil commotion, riot, invasion, terrorist attack or threat of terrorist attack, war (whether declared or not) or threat of or preparation for war;
14.2.3 fire, explosion, storm, flood, earthquake, subsidence, epidemic or other natural disaster;
14.2.4 impossibility of the use of railways, shipping, aircraft, motor transport or other means of public or private transport;
14.2.5 impossibility of the use of public or private telecommunications networks;
14.2.6 the acts, decrees, legislation, regulations or restrictions of any government.
14.3 Our performance under the Licence is deemed to be suspended for the period that the Force Majeure Event continues, and we will have an extension of time for performance for the duration of that period. We will use our reasonable endeavours to bring the Force Majeure Event to a close or to find a solution by which our obligations under the Licence may be performed despite the Force Majeure Event.
15.1 If we fail, at any time during the term of the Licence, to insist upon strict performance of any of your obligations under the Licence, or if we fail to exercise any of the rights or remedies to which we are entitled under the Licence, this shall not constitute a waiver of such rights or remedies and shall not relieve you from compliance with such obligations.
15.2 A waiver by us of any default shall not constitute a waiver of any subsequent default.
15.3 No waiver by us of any of the provisions of the Licence shall be effective unless it is expressly stated to be a waiver and is communicated to you in writing.
If any of the terms of the Licence are determined by any competent authority to be invalid, unlawful or unenforceable to any extent, such term, condition or provision will to that extent be severed from the remaining terms, conditions and provisions which will continue to be valid to the fullest extent permitted by law.
17. ENTIRE AGREEMENT
17.1 This Licence and any document expressly referred to in it represents the entire agreement between us in relation to the licensing of the Software, the Documentation and any Burp Apps and supersedes any prior agreement, understanding or arrangement between us, whether oral or in writing.
17.2 We each acknowledge that, in entering into the Licence, neither of us has relied on any representation, undertaking or promise given by the other or implied from anything said or written in negotiations between us prior to entering into the Licence except as expressly stated in the Licence.
17.3 Neither of us shall have any remedy in respect of any untrue statement made by the other, whether orally or in writing, prior to the date we entered into this Licence (unless such untrue statement was made fraudulently) and the other party's only remedy shall be for breach of contract as provided in these terms and conditions.
18. LAW AND JURISDICTION
The Licence, its subject matter or its formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with English law and submitted to the exclusive jurisdiction of the English courts.