login

Burp Suite, the leading toolkit for web application security testing

Suite Options

Burp contains a large number of Suite-wide options that affect the behavior of all tools.

Use the links below for help on each group of options:

Support Center

Get help and join the community discussions at the Burp Suite Support Center.

Visit the Support Center ›

Wednesday, July 29, 2015

1.6.23

This release adds a new scan check for external service interaction and out-of-band resource load via injected XML doctype tags containing entity parameters.

Burp Scanner now modifies XML in requests to inject a doctype tag that defines an XML entity parameter that references a Burp Collaborator URL, and reports an appropriate issue based on any observed interactions (DNS or HTTP) that reach the Burp Collaborator server.

See all release notes ›

Copyright © 2015 PortSwigger Ltd. All rights reserved.