This licence agreement (Licence) is a legal agreement between you (Licensee or you) and PORTSWIGGER LTD of Victoria Court, Bexton Road, Knutsford, WA16 0PF England (Licensor or we) for a suite of tools designed for web application security testers (Burp Suite Professional or Software), which includes computer software, and the online documentation current at the date of the download of this Licence (Documentation).
BURP SUITE PROFESSIONAL REQUIRES A COMPUTER WITH A MINIMUM OF 4GB OF MEMORY AND THE OFFICIAL JAVA RUNTIME ENVIRONMENT (64-BIT EDITION, VERSION 1.7 OR LATER). IF YOU INTEND TO USE THE SOFTWARE ON ANY OTHER PLATFORM YOU SHOULD FIRST TEST THE FREE VERSION OF BURP SUITE ON THAT PLATFORM TO SATISFY YOURSELF THAT IT WORKS CORRECTLY. INTERNET ACCESS IS REQUIRED DURING INSTALLATION TO ACTIVATE THE SOFTWARE. BY INSTALLING THE SOFTWARE YOU AGREE TO THE TERMS OF THIS LICENCE AND THE TERMS AND CONDITIONS OF THE LICENSOR WHICH WILL BIND YOU AND YOUR EMPLOYEES. IF YOU DO NOT AGREE TO THE TERMS OF THIS LICENCE AND THE TERMS AND CONDITIONS, WE ARE UNWILLING TO LICENSE THE SOFTWARE TO YOU AND YOU MUST DISCONTINUE THE ORDERING OR INSTALLATION PROCESS NOW. IN THIS CASE THE ORDERING PROCESS OR INSTALLATION WILL TERMINATE.
WARNING: BURP SUITE PROFESSIONAL IS DESIGNED TO TEST FOR SECURITY FLAWS AND CAN DO DAMAGE TO TARGET SYSTEMS DUE TO THE NATURE OF ITS FUNCTIONALITY. TESTING FOR SECURITY FLAWS INHERENTLY INVOLVES INTERACTING WITH TARGETS IN NON-STANDARD WAYS WHICH CAN CAUSE PROBLEMS IN SOME VULNERABLE TARGETS. YOU MUST TAKE DUE CARE WHEN USING THE SOFTWARE, YOU MUST READ ALL DOCUMENTATION BEFORE USE, YOU SHOULD BACK UP TARGET SYSTEMS BEFORE USE AND YOU SHOULD NOT USE THE SOFTWARE ON PRODUCTION SYSTEMS OR OTHER SYSTEMS FOR WHICH THE RISK OF DAMAGE IS NOT ACCEPTED BY YOU.
1. GRANT AND SCOPE OF LICENCE
1.1 In consideration of payment by you of any agreed licence fee and you agreeing to abide by the terms of this Licence, the Licensor hereby grants to you a non-exclusive, non-transferable licence for the period (the "Licence Period") specified in your order confirmation for the number of individual users specified therein to use the Software and the Documentation on the terms of this Licence.
1.2 Each installation of Burp Suite Professional on an individual computer needs to be activated before it will operate. It is recognised that in the course of ordinary usage of the Software, individual users may need to install the product on more than one computer. The number of activations performed for each licence is monitored. The Licensor reserves the right to limit the number of activations allowed per licence, and to prevent further activations if this limit is exceeded.
1.3 You may either:
1.3.1 download, install and use the Software and Burp Apps (as defined in condition 4) for your internal business purposes (which includes bespoke client consultancy, if appropriate) only; and
126.96.36.199 make one copy of the Software for back-up purposes only, provided that this is necessary for the activities permitted under condition 1.3.1;
188.8.131.52 receive and use any free supplementary software code or update of the Software incorporating "patches" and corrections of errors as may be provided by the Licensor from time to time on the basis that they are governed by the terms of this Licence;
184.108.40.206 use any Documentation in support of the use permitted under condition 1.3.1 and make such numbers of copies of the Documentation as are reasonably necessary for its lawful use; and
220.127.116.11 analyse the behaviour and performance of the documented functionality of the Software and any Burp Apps (defined as aforesaid) and disclose the findings of such analysis to any party provided that such findings are provided simultaneously and in identical form to the Licensor; or
1.3.2 resell the Software provided that you procure that the purchaser is bound by the terms of this Licence Agreement for the benefit of the Licensor and that you indemnify the Licensor against all costs (including legal costs) charges and expenses incurred by the Licensor as a result of the failure by you to comply with the provisions of this paragraph and/or the resale by you of the Software to the purchaser.
1.4 If you are a purchaser who has obtained lawfully the Software other than by direct purchase from the Licensor you may carry out the functions on the terms specified in paragraph 1.3.1 above and, in consideration of the Licensor agreeing to provide updates of the Software to you during the Licence Period, either directly or via the relevant intermediary or intermediaries, you agree to be bound by this Licence Agreement directly in favour of the Licensor.
2. LICENSEE'S WARRANTY AND UNDERTAKINGS
2.1 You warrant that you are not purchasing the Software as a consumer, but will be using the Software in your business and that you are duly authorised by your business to purchase the Software.
2.2 Except as expressly set out in this Licence or as permitted by any local law, you undertake:
2.2.1 not to use the Software, the Documentation or any Burp Apps for any unlawful purposes, particularly as Burp Suite Professional contains functionality that can be used to attack and compromise computer systems.
2.2.2 to obtain all necessary authorisations from system owners prior to using Burp Suite Professional or any Burp Apps thereon;
2.2.3 to keep confidential any credentials provided by the Licensor enabling you to log in to the Licensor's server (for the purposes of downloading product builds and licence keys and to perform product activation, to create Extensions (as defined in condition 4)), or to access the Burp Collaborator server;
2.2.4 not to copy the Software or Documentation except where such copying is incidental to normal use of the Software, or where it is necessary for the purpose of back-up or operational security;
2.2.5 subject to the provisions of condition 4, not to rent, lease, sub-license, loan, translate, merge, adapt, vary or modify the Software or Documentation;
2.2.6 subject to the provisions of condition 4, not to make alterations to, or modifications of, the whole or any part of the Software, nor permit the Software or any part of it to be combined with, or become incorporated in, any other programs;
2.2.7 not to disassemble, decompile, reverse engineer or create derivative works based on, the whole or any part of the Software nor attempt to do any such thing except to the extent that (by virtue of section 296A of the Copyright, Designs and Patents Act 1988) such actions cannot be prohibited because they are essential for the purpose of achieving inter-operability of the Software with another software program, and provided that the information obtained by you during such activities:
18.104.22.168 is used only for the purpose of achieving inter-operability of the Software with another software program; and
22.214.171.124 is not unnecessarily disclosed or communicated without the Licensor's prior written consent to any third party; and
126.96.36.199 is not used to create any software which is substantially similar to the Software;
2.2.8 to keep all copies of the Software secure and to maintain accurate and up-to-date records of the number and locations of all copies of the Software;
2.2.9 to supervise and control use of the Software and ensure that the Software is used by your employees and representatives in accordance with the terms of this Licence;
2.2.10 to replace the current version of the Software with any updated or upgraded version or new release provided by the Licensor under the terms of this Licence immediately on receipt;
2.2.11 to include the copyright notice of the Licensor on all entire and partial copies you make of the Software on any medium;
2.2.12 not to provide or otherwise make available the Software in whole or in part (including but not limited to program listings, object and source program listings, object code and source code), in any form to any person other than your employees without prior written consent from the Licensor;
2.2.13 unless specifically authorised by us in writing, not to use the Software as part of an automated service offering to third parties;
2.2.14 not to engage in any activity, practice or conduct which would constitute an offence under sections 1, 2, or 6 of the Bribery Act 2010, if such activity, practice or conduct had been carried out in the UK;
2.2.15 to be responsible for all liability claims, actions, or causes of action, together with the legal costs of the Licensor in bringing the same, arising by reason of or in any way relating to your actions or activities of yourself, your employees, agents, or contractors under this Licence Agreement.
3. SUPPORT AND UPGRADES
3.1 Purchase of a licence for Burp Suite Professional entitles you to free product support at the Licensor's sole discretion.
3.2 If new releases of Burp Suite Professional are offered for sale, these may be made available free of charge to you for the duration of your Licence provided that you enter into a new licence agreement in respect of such new release.
4.1 In this Licence Agreement "Extension" means all programming additions made by a Licensee or on his behalf or with his concurrence to the Software using the Burp Extender API (as hereinafter defined) to either
4.1.1 extend the functionality of the Software or any other software produced by the Licensor; or
4.1.2 enable the Software or any other software produced by the Licensor to inter-operate with other software;
but not to copy, clone, reproduce or emulate any existing feature of any software produced by the Licensor;
and "Burp App" or "BApp" means an Extension adopted by the Licensor pursuant to this clause.
4.2 "Burp Extender API" means the official Burp Extender application programming interface available as part of the Documentation.
4.3 Extensions may be created for the use of the Licensee Provided that if any such Extension is published (which, for the avoidance of doubt, shall include sharing such Extension with another Licensee or a third party unless the party to which the Extension is provided is either a client of the Licensee and the relevant Extension has been created for use on an engagement for that or another client of the Licensee, or another Licensee within your organisation) the Licensee shall notify the Licensor and provide to it a copy of such Extension and the Licensee agrees that any such Extension shall, at the option of the Licensor, become either
4.3.1 a Burp App; or
4.3.2 part of the Software.
4.4 When the creation of an Extension is notified to the Licensor or shared publicly and comes to the attention of the Licensor the Licensor has the option to make the Extension a Burp App (Burp App, or BApp) after having carried out the necessary checks to ensure that the Extension is efficacious and suitable for use with the Software.
4.5 The Licensor has established the BApp Store product feature where Burp Apps are described and may be downloaded without charge for use as an Extension.
4.6 By designating an Extension a Burp App the Licensor warrants that the Extension has been checked by the Licensor and has been deemed suitable for use with the Software.
4.7 All Extensions and Burp Apps remain the property of the author but by creating such Extension, the author has granted an irrevocable perpetual licence free of charge to the Licensor to incorporate such Extension in the Software at the Licensor's option and an irrevocable perpetual licence free of charge to all Licensees who download the Burp App from the BApp Store.
4.8 If, at the sole option of the Licensor, the Licensor incorporates an Extension into the Software a notice will be placed on the BApp Store to that effect.
4.9 The Licensor retains the right without incurring any liability to the Licensee to disable without notice any Burp App being used by the Licensee where the Licensor considers in its sole discretion that use of such Burp App with the Software is problematical.
5. BURP COLLABORATOR
5.1 The Licensor has developed Burp Collaborator which is a component of the Software’s automated and manual testing tools. Burp Collaborator involves the Licensee deploying a system on the public web (the "Collaborator Server") which acts as the recipient of third-system interactions that may be triggered by payloads that the Software sends to target systems enabling the detection of certain types of vulnerability. A full description of the functionality of Burp Collaborator forms part of the Documentation.
5.2 The functionality of Burp Collaborator gives rise to issues that require careful consideration by the Licensee as fully set out in the Documentation. By utilising any features of the Software that may cause interaction with Burp Collaborator, the Licensee will be deemed to have read the relevant Documentation, fully understood the functionality and the alternative methods of utilisation of Burp Collaborator and considered the consequences of utilisation for its organisation and as a result of such consideration has decided that Burp Collaborator, in the form utilised by it, is suitable and appropriate for use by it. The Licensor considers Burp Collaborator to be efficacious in identifying vulnerabilities of the target website in connection with third-system interactions, but the Licensee must make its own evaluation before using the Burp Collaborator Server in one of the alternative manners set out in the Documentation.
6. BURP INFILTRATOR
6.1 The Licensor has developed Burp Infiltrator which is a component of the Software for instrumenting deployed applications in order to facilitate testing using the Software. Burp Infiltrator involves the Licensee deploying or procuring deployment of the Infiltrator component within the target system which enhances the ability of the Software to detect certain types of vulnerability. A full description of the functionality of Burp Infiltrator forms part of the Documentation.
6.2 The functionality of Burp Infiltrator gives rise to issues that require careful consideration by the user as fully set out in the Documentation. By deploying or procuring deployment of the Infiltrator tool, the Licensee will be deemed to have read the relevant Documentation, fully understood the functionality of Burp Infiltrator and considered the consequences of utilisation for its organisation and any bespoke consultancy clients of the Licensee and, as a result of such consideration, has decided that Burp Infiltrator is suitable and appropriate for use by it and by any client of the Licensee. The Licensor considers Burp Infiltrator to be efficacious in helping to identify vulnerabilities of the target website, but the Licensee must make its own evaluation before utilising Burp Infiltrator in the manner set out in the Documentation.
6.3 If the Licensee causes its client to install Burp Infiltrator as part of a bespoke consultancy permitted pursuant to clause 1.3.1 above, by so doing it warrants to the Licensor that it has recommended to the client to install Burp Infiltrator on its system and has discussed with the client the contents of the Documentation relating thereto and the potential consequences of such installation.
7. INTELLECTUAL PROPERTY RIGHTS
7.1 You acknowledge that all intellectual property rights in the Software and the Documentation anywhere in the world belong to the Licensor, that rights in the Software are licensed (not sold) to you, and that you have no rights in, or to, the Software or the Documentation other than the right to use them in accordance with the terms of this Licence.
7.2 You acknowledge that you have no right to have access to the Software in source code form.
7.3 The integrity of this Software is protected by technical protection measures (TPM) so that the intellectual property rights, including copyright, in the Software of the Licensor are not misappropriated. You must not attempt in any way to remove or circumvent any such TPM, nor apply or manufacture for sale or hire, import, distribute, sell or let for hire, offer or expose for sale or hire, advertise for sale or hire or have in your possession for private or commercial purposes any means the sole intended purpose of which is to facilitate the unauthorised removal or circumvention of such TPM.
8. LICENSOR'S WARRANTY
8.1 The Licensor warrants that for a period of 90 days from the date of purchase of the Software (Warranty Period) the Software will, when properly used, perform substantially in accordance with the functions described in the Documentation (provided that the Software is properly used on the computer and with the runtime environment for which it was designed as referred to herein). Burp Apps do not have the benefit of this warranty and the warranty in relation to Burp Collaborator is limited as set out in the Documentation as it relates to Burp Collaborator.
8.2 You acknowledge that the Software and the Burp Apps have not been developed to meet your individual requirements, and that it is therefore your responsibility to ensure that the facilities and functions of the Software as described in the Documentation and the facilities and functions of any Burp App meet your requirements.
8.3 You acknowledge that the Software and the Burp Apps may not be free of bugs or errors, and agree that the existence of minor errors shall not constitute a breach of this Licence.
8.4 If, within the Warranty Period, you notify the Licensor in writing of any defect or fault in the Software in consequence of which it fails to perform substantially in accordance with the Documentation, and such defect or fault does not result from you having amended the Software or used it in contravention of the terms of this Licence, the Licensor will, at its sole option, either repair or replace the Software, provided that you make available all the information that may be necessary to help the Licensor to remedy the defect or fault, including sufficient information to enable the Licensor to recreate the defect or fault.
9. LICENSOR'S LIABILITY
YOUR ATTENTION IS DRAWN PARTICULARLY TO THE PROVISIONS OF THIS CONDITION
9.1 Nothing in this Licence shall limit or exclude the liability of either party for death or personal injury resulting from negligence, fraud, fraudulent misrepresentation.
9.2 Subject to condition 9.1, the Licensor's liability for losses suffered by you arising out of or in connection with this agreement (including any liability for the acts or omissions of its employees, agents and subcontractors), whether arising in contract, tort (including negligence), misrepresentation or otherwise, shall not include liability for:
9.2.1 loss of turnover, sales or income;
9.2.2 loss of business profits or contracts;
9.2.3 business interruption;
9.2.4 loss of the use of money or anticipated savings;
9.2.5 loss of information;
9.2.6 loss of opportunity, goodwill or reputation;
9.2.7 loss of, damage to or corruption of software or data; or
9.2.8 any indirect or consequential loss or damage of any kind howsoever arising and whether caused by tort (including negligence), breach of contract or otherwise;
provided that this condition 9.2 shall not prevent claims for loss of or damage to your tangible property that fall within the terms of condition 8 or any other claims for direct financial loss that are not excluded by any of categories 9.2.1 to 9.2.8 inclusive of this condition 9.2.
9.3 Subject to condition 9.1, the Licensor's maximum aggregate liability under or in connection with this Licence, or any collateral contract, whether in contract, tort (including negligence) or otherwise, shall be limited to a sum equal to 100% of the Licence Fee.
9.4 Subject to condition 9.1, condition 9.2 and condition 9.3, the Licensor's liability for infringement of third-party intellectual property rights shall be limited to breaches of rights subsisting in the UK.
9.5 This Licence sets out the full extent of the Licensor's obligations and liabilities in respect of the supply of the Software and Burp Apps. In particular, there are no conditions, warranties, representations or other terms, express or implied, that are binding on the Licensor except as specifically stated in this Licence. Any condition, warranty, representation or other term concerning the supply of the Software and Burp Apps which might otherwise be implied into, or incorporated in, this Licence, or any collateral contract, whether by statute, common law or otherwise, is hereby excluded to the fullest extent permitted by law.
10. PUBLICITY AND COMMUNICATION
10.1 By entering into this Licence Agreement you agree that we may refer to you as one of our customers internally and in externally published media and, where relevant, you grant your consent to the use of your logo for this purpose, unless you notify us in writing that we may not refer to you for such purpose. Any additional disclosure by us with respect to you shall be subject to your prior written consent.
10.4 Any questions, comments and requests regarding our data processing practices may be addressed to firstname.lastname@example.org.
11.1 The Licensor may terminate this Licence immediately by written notice to you if you commit a material or persistent breach of this Licence which you fail to remedy (if remediable) within 14 days after the service of written notice requiring you to do so.
11.2 Upon termination for any reason:
11.2.1 all rights granted to you under this Licence shall cease;
11.2.2 you must cease all activities authorised by this Licence;
11.2.3 you must immediately pay to the Licensor any sums due to the Licensor under this Licence; and
11.2.4 you must immediately delete or remove the Software and any Burp Apps from all computer equipment in your possession, and immediately destroy or return to the Licensor (at the Licensor's option) all copies of the Software and Burp Apps then in your possession, custody or control and, in the case of destruction, certify to the Licensor that you have done so.
12. TRANSFER OF RIGHTS AND OBLIGATIONS
12.1 This Licence is binding on you and us, and on our respective successors and assigns.
12.2 You may not transfer, assign, charge or otherwise dispose of this Licence, or any of your rights or obligations arising under it, without our prior written consent.
12.3 We may transfer, assign, charge, sub-contract or otherwise dispose of this Licence, or any of our rights or obligations arising under it, at any time during the term of the Licence.
All notices given by you to us must be given to PortSwigger Ltd at email@example.com or Victoria Court, Bexton Road, Knutsford, WA16 0PF England. We may give notice to you at either the e-mail or postal address you provided to us when purchasing the Software. Notice will be deemed received and properly served immediately when posted on our website, 24 hours after an e-mail is sent, or three days after the date of posting of any letter. In proving the service of any notice, it will be sufficient to prove, in the case of a letter, that such letter was properly addressed, stamped and placed in the post and, in the case of an e-mail, that such e-mail was sent to the specified e-mail address of the addressee.
14. EVENTS OUTSIDE OUR CONTROL
14.1 We will not be liable or responsible for any failure to perform, or delay in performance of, any of our obligations under this Licence that is caused by events outside our reasonable control (Force Majeure Event).
14.2 A Force Majeure Event includes any act, event, non-happening, omission or accident beyond our reasonable control and includes in particular (without limitation) the following:
14.2.1 strikes, lock-outs or other industrial action;
14.2.2 civil commotion, riot, invasion, terrorist attack or threat of terrorist attack, war (whether declared or not) or threat or preparation for war;
14.2.3 fire, explosion, storm, flood, earthquake, subsidence, epidemic or other natural disaster;
14.2.4 impossibility of the use of railways, shipping, aircraft, motor transport or other means of public or private transport;
14.2.5 impossibility of the use of public or private telecommunications networks;
14.2.6 the acts, decrees, legislation, regulations or restrictions of any government.
14.3 Our performance under this Licence is deemed to be suspended for the period that the Force Majeure Event continues, and we will have an extension of time for performance for the duration of that period. We will use our reasonable endeavours to bring the Force Majeure Event to a close or to find a solution by which our obligations under this Licence may be performed despite the Force Majeure Event.
15.1 If we fail, at any time during the term of this Licence, to insist upon strict performance of any of your obligations under this Licence, or if we fail to exercise any of the rights or remedies to which we are entitled under this Licence, this shall not constitute a waiver of such rights or remedies and shall not relieve you from compliance with such obligations.
15.2 A waiver by us of any default shall not constitute a waiver of any subsequent default.
15.3 No waiver by us of any of these terms and conditions shall be effective unless it is expressly stated to be a waiver and is communicated to you in writing.
If any of the terms of this Licence are determined by any competent authority to be invalid, unlawful or unenforceable to any extent, such term, condition or provision will to that extent be severed from the remaining terms, conditions and provisions which will continue to be valid to the fullest extent permitted by law.
17. ENTIRE AGREEMENT
17.1 This Licence and any document expressly referred to in it represents the entire agreement between us in relation to the licensing of the Software, the Documentation and any Burp Apps and supersedes any prior agreement, understanding or arrangement between us, whether oral or in writing.
17.2 We each acknowledge that, in entering into this Licence, neither of us has relied on any representation, undertaking or promise given by the other or implied from anything said or written in negotiations between us prior to entering into this Licence except as expressly stated in this Licence.
17.3 Neither of us shall have any remedy in respect of any untrue statement made by the other, whether orally or in writing, prior to the date we entered into this Licence (unless such untrue statement was made fraudulently) and the other party's only remedy shall be for breach of contract as provided in these terms and conditions.
18. LAW AND JURISDICTION
This Licence, its subject matter or its formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with English law and submitted to the exclusive jurisdiction of the English courts.