These settings let you configure hotkeys for common actions. Numerous types of actions can be assigned a hotkey, in the following categories:
A number of hotkeys are configured by default. Note that very many more actions are available to have a hotkey assigned, if you use them frequently.
All hotkeys must use the Control key (or the Command key on OSX), and may also use Shift and other available modifiers. Note that on some Windows installations the Ctrl+Alt combination is treated by Windows as equivalent to AltGr, and so may result in typed characters appearing when pressed in text fields.
These settings control logging of HTTP requests and responses. Logging can be configured per-tool or for all Burp traffic.
These settings let you configure where Burp stores its temporary files.
By default, Burp creates a directory within the temporary file location provided by the platform. You can modify this behavior to use a custom directory - for example, on a different volume, or which is not world-readable.
On Mac OS X, you may find that the default temporary file location is sometimes cleared following system hibernation, causing Burp to lose its temporary files. You can resolve this problem by configuring a custom location for Burp to store its temporary files.
Changes to this setting take effect the next time Burp starts up.
[Pro version] These settings let you configure Burp to save a backup of all tools' state and configuration in the background at a configurable interval, and also optionally on exit.
Using these options means you will generally have a recent backup copy of your work in the event that Burp exits abnormally. If you have configured the target scope for your work, you can use the "Include in-scope items only" to reduce the amount of data that must be saved.
[Pro version] See the Task Scheduler documentation.
Burp Collaborator is an external service that Burp can use to help discover many kinds of vulnerabilities. For more details about the functionality and alternative methods of utilization of Burp Collaborator, see the main Burp Collaborator documentation.
Note: The functionality of Burp Collaborator gives rise to issues that require careful consideration by users. Users should ensure that they fully understand the functionality and the alternative methods of utilization of Burp Collaborator, and have considered the consequences of utilization for themselves and their organization.
The following options for using Burp Collaborator server are available:
If you are using a private Collaborator server, you will need to configure Burp with the details of its location. The following options are available:
The following further options are also available:
You can help improve Burp by submitting anonymous feedback about Burp's performance.
Feedback only contains technical information about Burp's internal functioning, and does not identify you in any way. If you do report a bug, you can help us diagnose any problems that your instance of Burp has encountered by including your debug ID.
Get help and join the community discussions at the Burp Suite Support Center.
This release adds a new scan check for external service interaction and out-of-band resource load via injected XML doctype tags containing entity parameters.
Burp Scanner now modifies XML in requests to inject a doctype tag that defines an XML entity parameter that references a Burp Collaborator URL, and reports an appropriate issue based on any observed interactions (DNS or HTTP) that reach the Burp Collaborator server.