Burp Suite

Burp Suite is an integrated platform for attacking web applications. It contains a variety of tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All of the tools share the same framework for handling and displaying HTTP messages, persistence, authentication, proxies, logging, alerting and extensibility. There is a limited free version and also Burp Suite Professional ($299 per user per year). For downloads and more information, visit the Burp Suite homepage.

#13, 63
Latest release
  • 1.4.01
  • June 3, 2011 (13 years, 1 month ago)
★★★★½ (19)
89% ★★★★
0% ★★★
0% ★★



★★★★★ Michael Pei

This tool is fantastic, I like it very much!!!hahah.......................

★★★★★ paceyhunter

super cool tool for anyone interested in security. someone hacked me using this. I was hosting through 101domain.com and it just absolutely f'd up my site. So this gets a 5 stars from me.

★★★★★ JoshuaDaily

Best of the best. Using by all Pentesting company of my country. Can find issues that Acunetix can't.

no rating JoshuaDaily newer comment by this user ↑

It is the best when you are using the pro version. It is better than than Web Nessus Scanner or Metasploit Web Scanner and it is more better than Acunetix.

★★★★★ Sanket Mishra

Excellent tool for web penetration testing. Specially the feature where you can write your own extensions for Ruby, Python and Java.

★★★★★ Victor Dorneanu

Burp is _the_ tool every security professional should know about. I personally love the API and the fact that you can add your own extensions in your favourite language: Python, Java, Ruby.


Good tool. Works better than others in the browser

no rating pusheax

This is very good tool for pentesting web. The free version should be Okay!

★★ Bongo the Clown

I was interested in trying this tool, but the crippled 'free' version doesn't have the scanner function. Useless for me. I was thinking of buying it but not now.

★★★★★ Dynasty

Not only this app is reliable and useful, and full of great features...

But its authors' book is INDISPENSABLE whether you are a newbie or an expert.

★★★★★ cpfoutz

My go to tool when doing any kind of work relating to web apps.

★★★★★ Robert

Tried several web scanners (though this isn't a web scanner tool by def) available and Burp is the one I trust!

★★★★★ whatismyip

Indispensable tool when performing web application assessments. Read web traffic, then manipulate it as much as you desire.

★★★★★ muuratsalo experimental hack lab

Simply the best tool ever made for web application penetration testing.

★★★★★ lonely

nice tool that can be used for guys interested in security

★★★★★ n0x00

Great tool. Standard.

★★★★★ hx

Great tool

★★★★★ Phil

Awesome Tool :)

no rating Andrew Horton

Burp is the one indispensable tool required during a web app pentest.

★★★★★ stsdroog

By far the best tool for web pen-testing.

★★★★★ gabo

WAPT best tool!

★★★★★ thelightcosine

Burpsuite is a must-have tool for any Web Application penetration Tester. This should be the baseline from which you do most of your manual testing. The commecial version of the product also offers a number of features and enhancements that will make your life much easier.

also, at the time of writing, this blurb is out of date. Burpsuite is currently on version 1.4.01.

Comments disabled

Feed for updates.