login

Burp Suite, the leading toolkit for web application security testing

Misc User Options

This tab contains settings for hotkeys, logging, location of temporary files, Proxy interception, and performance feedback.

Hotkeys

These settings let you configure hotkeys for common actions. Numerous types of actions can be assigned a hotkey, in the following categories:

A number of hotkeys are configured by default. Note that very many more actions are available to have a hotkey assigned, if you use them frequently.

All hotkeys must use the Control key (or the Command key on OSX), and may also use Shift and other available modifiers. Note that on some Windows installations the Ctrl+Alt combination is treated by Windows as equivalent to AltGr, and so may result in typed characters appearing when pressed in text fields. 

Logging

These settings control logging of HTTP requests and responses. Logging can be configured per-tool or for all Burp traffic.

Proxy Interception

This option lets you configure whether Proxy interception should be enabled when Burp is started up. You can choose to always enable interception, always disable interception, or to restore the setting from when Burp was last closed.

Temporary Files Location

These settings let you configure where Burp stores its temporary files.

By default, Burp creates a directory within the temporary file location provided by the platform. You can modify this behavior to use a custom directory - for example, on a different volume, or which is not world-readable.

On Mac OS X, you may find that the default temporary file location is sometimes cleared following system hibernation, causing Burp to lose its temporary files. You can resolve this problem by configuring a custom location for Burp to store its temporary files.

Changes to this setting take effect the next time Burp starts up.

Performance Feedback

You can help improve Burp by submitting anonymous feedback about Burp's performance.

Feedback only contains technical information about Burp's internal functioning, and does not identify you in any way. If you do report a bug, you can help us diagnose any problems that your instance of Burp has encountered by including your debug ID.

 

Support Center

Get help and join the community discussions at the Burp Suite Support Center.

Visit the Support Center ›

Thursday, September 8, 2016

1.7.06

This release introduces a new scan check for second-order SQL injection vulnerabilities. In situations where Burp observes stored user input being returned in a response, Burp Scanner now performs its usual logic for detecting SQL injection, with payloads supplied at the input submission point, and evidence for a vulnerability detected at the input retrieval point.

See all release notes ›

Copyright © 2016 PortSwigger Ltd. All rights reserved.