Protect your reputation

Online hacks have never been more newsworthy.

Avoid the fallout and exposure of security incidents by finding vulnerabilities before they are exploited.

Gain awareness of your organization’s security posture

Scan all of your applications regularly to gain an enterprise-wide view of your exposures.

Burp shows you exactly where the most significant vulnerabilities exist, and you can drill down into individual applications, or even single URLs and parameters, to view vulnerabilities in more detail.

Issues are classified by type and severity, and contain full details of how to remediate each vulnerability.

Issues are also mapped to common vulnerability classification schemes, such as CWE and the OWASP Top Ten, to help you quickly understand the nature of each issue in familiar terminology.

Read more

"Thanks for such a fantastic tool and for your support responses"

- Michelle Simpson, Security Consultant, NCC Group

“Burp rules them all. Keep it up. :-)”

- Russ McRee, Principal Security PM Lead, Microsoft

"Burp is my go to tool for testing web applications. It's best in class! Can't wait to see what the future holds."

- Kevin Johnson, CEO, Secure Ideas

PortSwigger News

View More

Success Stories

View More
Get Burp

Stories from The Daily Swig affecting organizations

Offensive toolkit for Office 365 bundles bag of tricks

23 July 2019 Offensive toolkit for Office 365 bundles bag of tricks Hack like the GRU

‘Ransomware is a real problem in France’

APT? French firms struggle to cope even with unsophisticated threats 23 July 2019 ‘Ransomware is a real problem in France’ APT? French firms struggle to cope even with unsophisticated threats

Equifax to pay up to $700m to settle 2017 data breach

Settlement includes creation of multimillion-dollar fund for impacted consumers 22 July 2019 Equifax to pay up to $700m to settle 2017 data breach Settlement includes creation of multimillion-dollar fund for impacted consumers

iNSYNQ begins cautious recovery from ransomware infection

22 July 2019 iNSYNQ begins cautious recovery from ransomware infection QuickBooks provider floored by MegaCortex

IRS issues fresh guidance to stem the tide of phishing and tax fraud

22 July 2019 IRS issues fresh guidance to stem the tide of phishing and tax fraud Six-point plan welcomed, but security pros argue the guidance doesn’t go far enough

Social Security – w/e 19 July

‘Every piece of Huawei code I’ve ever looked at is garbage’ 19 July 2019 Social Security – w/e 19 July ‘Every piece of Huawei code I’ve ever looked at is garbage’

NCSC hails progress in efforts to halt phishing

Year two of Active Cyber Defence proves a tentative success 17 July 2019 NCSC hails progress in efforts to halt phishing Year two of Active Cyber Defence proves a tentative success

I’m (not) with stupid

Lessons learned from ransomware authors’ crypto mistakes 17 July 2019 I’m (not) with stupid Lessons learned from ransomware authors’ crypto mistakes