Search

Professional Edition

Burp provides various functions that let you search for different items:

Search

You can perform suite-wide searches by selecting "Search" from the Burp menu. You can also search within selected branches in the Target site map, by selecting "Search" within "Engagement tools" in the context menu.

The search dialog lets you configure the following options:

  • The expression to search for
  • Whether the search is case sensitive
  • Whether the search term is a literal string or a regular expression
  • Whether the search should show "negative" matches (i.e. items that do not contain the search expression)
  • Whether the search is restricted to in-scope items only
  • Whether the search results should dynamically update as new HTTP messages are processed by Burp tools
  • Which locations to search within HTTP messages (requests vs. responses, headers vs. body)
  • Which tools to search in

When you click "Go", the search begins and the details of each search match are shown in a sortable table. The preview pane shows the full request and response for the selected item, including highlighted matches for your search expression. The context menu can be used to send requests to Burp tools and carry out other actions.

Find Comments and Scripts

You can use these functions to search part or all of the Target site map for comments and scripts. You can start the search by selecting part or all of the site map tree, and choosing "Find comments" or "Find scripts" within "Engagement tools" in the site map context menu.

In the search dialog, use the "Search" button to perform the search (or re-perform it later). Details of the discovered items are shown in a sortable table. The preview pane shows the full request and response for the selected item, with relevant items automatically highlighted, and also extracted into their own tab. The context menu can be used to send requests to Burp tools and carry out other actions.

Selecting the "Dynamic update" option will cause Burp to dynamically update the results as new HTTP messages are processed by Burp tools. You can use the "Export" button to save all of the scripts or comments to file or to the clipboard, optionally consolidating duplicated items.

Find References

You can use this function to search all of Burp's tools for HTTP responses that link to a particular item. To access the function, select an HTTP request anywhere within Burp, or any part of the Target site map, and choose "Find references" within "Engagement tools" in the context menu.

The search results window shows responses (from all Burp tools) that link to the selected item. When you view an individual search result, the response is automatically highlighted to show where the linking reference occurs.

Note that this feature treats the original URL as a prefix when searching for links, so if you select a host, you will find all references to that host; if you select a folder, you will find all references to items within that folder or deeper.