Burp Suite Professional_

The go-to toolkit for penetration testing and bug bounty hunting

Laptop showing Burp Suite Professional
Try for free Buy
$399 per user, per year

Burp Suite Professional is an advanced set of tools for testing web security - all within a single product. From a basic intercepting proxy to a cutting-edge vulnerability scanner, with Burp Suite Pro, the right tool is never more than a click away.

Our powerful automation gives you more opportunity to do what you do best, while Burp Suite handles low-hanging fruit. Advanced manual tools will then help you identify your target's more subtle blind spots.

Burp Suite Pro is built by a research-led team. This means that before we even publish a paper, its findings have been included in our latest update. Our pentesting tools will make your job faster while keeping you informed of the very latest attack vectors.

Automatically harvest low-hanging fruit

Burp Suite Pro can be used to test for the whole OWASP Top 10. The work of PortSwigger's world-leading research team guides Burp Suite's development, and new capabilities are added with each new update.

At Burp Suite's heart lies the web vulnerability scanner. This is the same powerful scanner trusted by many of the world's largest organizations. It's capable of both passive and active analysis.

Low-hanging fruit

Save more time with human-guided automation

You can't find every web security vulnerability using purely automated tools. Many require some form of human input. But exploiting such vulnerabilities can often be a wearisome task.

Powerful labor-saving tools like Burp Intruder allow you to make better use of your time. This is especially true when fuzzing for vulnerabilities or when using other brute force techniques.

A Swiss Army knife for hackers

It's easy to see why Burp Suite Pro works. It's a true one-box solution for finding and exploiting vulnerabilities in web applications, quickly and reliably.

But it doesn't end there. The BApp Store gives you access to hundreds of community-generated plugins. Burp Suite's Extender API allows you to write your own. By augmenting Burp Suite Pro's capabilities in this way, its applications become almost limitless.

Swiss army knife

The industry's most popular tool

Burp Suite Professional has over 40,000 users across more than 130 countries. This makes it the world's most widely used toolkit for web security testing.

This didn't happen by chance. Our tools are known to be a force multiplier for users' knowledge.

Of course, we would say that. But take a look at our credentials. Our software protects many of the world's most powerful organizations:

Amazon Google Walmart FedEx AXA Microsoft Salesforce Bank of America Samsung
Others follow

Where Burp Suite goes, others follow

Burp was originally written by our founder, Dafydd Stuttard. You might know Daf's name from The Web Application Hacker's Handbook - the de facto standard textbook on web security. Daf still leads our development team.

You can't have cutting-edge tools without research - and our team is second to none. PortSwigger has a commitment to education, and you'll find us at conferences around the globe.

A case in point is Burp Collaborator, which pioneered out-of-band (OAST) testing techniques. We're always experimenting - and our users reap the benefits.

Try Burp Suite Professional for free

Get a free 30-day trial of the latest version of Burp Suite Pro:

Try for free Buy

Burp Suite Pro is priced at $399 per user, per year.

Pro Twitter quote

"I ❤ Burp! Love when a security company actually cares about security. Also explains the technology logic while investigating it"

Alexander Kot