"Burp Suite Pro is my web app assessment tool-of-choice. It has made my life and my job easier so I can be more efficient."
Jed Mitten, Senior Security Consultant, MANDIANT
"We tried the others, but keep coming back to Burp Suite Pro. Nothing comes near it for application security testing."
Steve Lord, Mandalorian
The latest release of Burp Suite introduces a new tool, called Burp Infiltrator. Burp Infiltrator is a tool for instrumenting target web applications in order to facilitate testing using Burp Scanner. Burp Infiltrator modifies the target application so that Burp can detect cases where its input is passed to potentially unsafe APIs on the server side. In industry jargon, this capability is known as IAST (interactive application security testing).
This release adds a new Burp Collaborator client for use in manual testing, some new APIs for using Burp Collaborator capabilities within Burp extensions, and a new Burp extension that demonstrates usage of the APIs.