Burp Suite Community
Featured🕸 Web Scanning · Java
Burp Suite is the leading toolkit for web application security testing. The Community Edition provides essential manual tools for exploring and testing web applications. It includes an intercepting proxy for viewing and modifying traffic between your browser and target applications, a spider for crawling content and functionality, and tools for analyzing randomness in session tokens. The Professional edition adds an advanced web vulnerability scanner, automated crawling, and extensions via the BApp Store.
Use Cases
- Web application penetration testing
- HTTP/S traffic interception and modification
- Authentication and session testing
- API security testing
- Web vulnerability scanning (Pro)
- Extension development via BApp Store
Tags
Details
- Category
- 🕸 Web Scanning
- Language
- Java
- Repository
- PortSwigger/BurpSuiteEnterprise
Platforms
Links
GitHub Repository
github.com/PortSwigger/BurpSuiteEnterprise
Official Website
portswigger.net/burp
Documentation
portswigger.net/burp/documentation
Download
portswigger.net/burp/communitydownload
Releases
github.com/PortSwigger/BurpSuiteEnterprise/releases
Issues
github.com/PortSwigger/BurpSuiteEnterprise/issues
Alternatives & Comparisons
More in Web Scanning
httpx
GoFast multi-purpose HTTP toolkit. Probes for running HTTP servers with retries and fallbacks.
Nikto
PerlClassic web server scanner. Tests for dangerous files, outdated server software, and version-specific problems.
Gobuster
GoDirectory/file, DNS, and vhost busting tool. Brute-forces URIs, DNS subdomains, virtual host names, and S3 buckets.
Feroxbuster
RustFast, recursive content discovery tool written in Rust. Like gobuster on steroids with auto-recursion.
ffuf
GoFast web fuzzer written in Go. Fuzz anything — URLs, headers, POST data — with blazing speed.
Katana
GoNext-gen crawling and spidering framework. Headless browser and standard mode with automatic form fill.