Burp Suite 2025.1, is filled with new options and enhancements designed to enhance your internet software testing workflow.
This newest model brings thrilling upgrades like auto-pausing Burp Intruder assaults primarily based on response content material, exporting Collaborator interactions to CSV, highlighting Content material-Size mismatches, a browser improve, and several other bug fixes. Let’s dive into what’s new.
Sport-Altering Options
Auto-Pause Intruder Assaults
The Auto-pause assault characteristic is a big enhancement to Burp Intruder. This new performance means that you can pause assaults mechanically when particular standards are met—akin to when a specified expression seems in or is lacking from the response.
This not solely optimizes reminiscence utilization throughout large-scale assaults but additionally helps testers zero in on related responses with out pointless guide intervention.
Are you from SOC/DFIR Groups? - Analyse Malware Recordsdata & Hyperlinks with ANY.RUN Sandox -> Strive for Free
Content material-Size Mismatch Highlighting
Burp Suite is now smarter at figuring out vulnerabilities! The instrument will mechanically flag HTTP responses the place the Content material-Size header worth doesn’t match the precise response physique measurement.
This characteristic is particularly useful in recognizing points like HTTP request smuggling, making your vulnerability evaluation course of quicker and extra correct.
CSV Export for Collaborator Interactions
A extremely requested characteristic, customers can now export all Collaborator interactions as CSV information. This makes it simpler to incorporate detailed interplay logs in reviews or proof-of-concept demonstrations.
Moreover, you’ll be able to mark Collaborator interactions as learn, permitting you to maintain monitor of reviewed gadgets and concentrate on new or vital actions.
Bug Fixes and Usability Enhancements
PortSwigger has resolved a number of bugs to reinforce the person expertise:
- Fastened points with Dwelling and Finish keys inflicting cursor misplacement within the message editor.
- The Burp Logger view filter now appropriately reapplies after reaching the seize restrict.
- Resolved a bug the place new configurations weren’t displayed within the configuration library with out restarting Burp.
- Addressed payload encoding character errors when creating a brand new Intruder tab.
- Fastened non-functional hotkeys (e.g., Add notes hotkey) in modules like Organizer and Repeater.
- Copying textual content utilizing Ctrl+C in BCheck preview now works seamlessly on Linux and Home windows.
- Extensions with WebSocket message editor implementations now load appropriately, eliminating disappearing tabs.
Burp’s embedded browser has been upgraded to Chromium 132.0.6834.84 (Home windows & macOS) and 132.0.6834.83 (Linux). This replace ensures higher safety, compatibility, and efficiency in internet testing environments.
With Burp Suite 2025.1, PortSwigger demonstrates its dedication to enhancing effectivity and accuracy for safety testers.
Whether or not you’re operating large-scale assaults, detecting delicate mismatches, or presenting findings, this launch brings one thing helpful for everybody.
Integrating Utility Safety into Your CI/CD Workflows Utilizing Jenkins & Jira -> Free Webinar