We have a mass user base of highly engaged, technically astute customers, who keep us on our toes. Our focus is on delivering the next generation of testing capabilities while maintaining and improving Burp's existing features.
Raji B, Technical Product Manager, Burp Suite Professional
Burp Suite Professional is a single-user, desktop product. It contains various tools for manual and automated penetration testing of web sites.
Based around a versatile intercepting proxy, key features include fuzzing, manual requests, data transcoding, and incremental saving of project data.
We often interact with protocols and data formats in nonstandard ways, so we generally need to build our own implementations. And then deliberately break them.
Our engines often employ data models that are updated by pools of worker threads performing parallel network requests and are exposed via a UI providing real-time updates and user control. Some common problems involve ensuring data integrity and avoiding thread deadlocks.
Our product runs on user machines, often with modest system resources. A common challenge involves ensuring efficiency of computation and memory resources while delivering the advanced capabilities that users need.
Burp Suite Pro is written in pure Java, with a Swing UI.
We use an embedded Chromium browser to support some functionality. There are no other third-party components.
Our tooling includes IntelliJ IDEA, JUnit, Mockito, git, Gradle, TeamCity, Docker, and various AWS services.
We are a diverse group of people with a wide range of interests and backgrounds. What Swiggers have in common is that they all love their work and are exceptionally good at what they do.
Jess H, Journalist
Mike S, Software Developer
Mohamed H, Software Developer