With the wide range of different extenders, almost everything can be done directly from Burp Suite without needing to use Python scripting. I extensively use OAST and IAST, which is a perfect combination for pentesting. Andrej Šimko Security Associate Manager, AccentureRead full customer profile
Burp Suite Professional is our main tool for all manual web application testing. The Intruder module makes it easy to automate testing of different input parameters. I've also used it successfully for brute-forcing usernames or object references. Håkon Lønmo Head of Penetration Testing, BDO AS NorwayRead full customer profile
The Chromium browser inside Burp is really huge for us - I love it. Caner Filibelioglu Red Team Leader, SabancıDxRead full customer profile
The amount of time you need to invest in order to learn Burp Suite is very small - because it doesn't involve code like other tools. Pablo García Perez Bug Bounty Hunter / Head of Finance - WayraRead full customer profile
Net Promoter Score.
of AppSec engineers perform more effectively with Burp Suite.
of our customers would recommend Burp Suite.
of penetration testers said Burp Suite is "best in class" software.
9/10 of surveyed application security engineers agree that Burp Suite is great value for money. Source: TechValidate survey of PortSwigger customers
Burp Suite Enterprise Edition at the European Space Agency.
Helping to secure the firm that keeps internet traffic flowing.
Manual testing for financial services - and old-school gaming.
Burp Suite, professional services, and ballroom dancing.
Scanning at scale with Burp Suite Enterprise Edition.
How Burp Suite helps to ensure the world gets paid on time.
Why finding Burp Suite was a lightbulb moment for OSRAM.
Red teaming and the future of security - with Burp Suite.
Providing penetration testing services with Burp Suite.
A finance expert using Burp Suite for bug bounty hunting.
Why Burp Suite is perfect for small business cybersecurity.
How Burp Suite helps to protect data in remote clinical services.
To find a place that had all of that information in one location, with a consistently high quality of labs, especially being free, it's a no-brainer. Why wouldn't you dive right into it?! Johnny VillarrealRead about Johnny's Web Security Academy experience
I find that having Burp Suite Pro is really helpful for some of the Web Security Academy labs, so as I'm learning more skills by doing the labs I'm also learning how to use Burp Suite better as well. I just don't think I'd be able to learn the same kinds of skills, to the same level, by doing OSCP or any of those kinds of qualifications. Kamil VavraRead about Kamil's Web Security Academy experience
PortSwigger is a huge company in the cybersecurity field that gives back and creates a community. The way that Burp has developed, how you listen to the community, and create free learning materials. It's absolutely amazing. Andres RauscheckerRead about Andres' Web Security Academy experience
Burp Suite is trusted by some of the largest and most recognizable organizations in the world.
I find it very satisfying to both my sanity and my bank account that @Burp_Suite does a better job of finding vulnerabilities than every other web scanner I've used. It's stunning how bad $8K-10K web scanners are at finding even the most basic issue.
Burp Suite continues to be an amazing tool. For the price it's an elegant weapon for a more civilized age.
I don't know how I ever lived without BurpPro @PortSwigger.
If you're not using @Burp_Suite then you're not doing bug bounties right! Seriously, it took me a long time to realize Burp was a thing, but since I began using it a year ago I can no longer live without it, and that's a good thing! #bugbounty #bugbountytips
Not having access to Burp Suite Pro is like missing a limb ...
Burp Suite best tool ever! "When in doubt, just burp it!"
There are good companies with good products. some companies are even better and provide great products. above them, there is @PortSwigger: astonishing support, awesome research capabilities and a product that is simply an industry standard.
WAHH is great (and still one of my favorite books) but @WebSecAcademy is HUGE source of knowledge! And the labs are really fun.