login

Burp Suite, the leading toolkit for web application security testing

Payloads

This tab is used to configure one or more payload sets. The number of payload sets depends on the attack type defined in the Positions tab. For many common tasks, such as fuzzing parameters, brute force guessing a user's password, or cycling through page identifiers, only a single payload set is needed.

The configuration steps needed to configure a payload set are as follows:

User Forum

Get help from other users, at the Burp Suite User Forum:

Visit the forum ›

Thursday, January 30, 2014

v1.5.21

This release adds support for WebSockets to the Proxy tool. You can now view, intercept and modify WebSockets messages in the same way as regular HTTP messages.

The Scanner's support for nested insertion points has been updated to support nested data in URL-encoded query string format and precise highlighting of relevant syntax in reported Scanner issues.

See all release notes ›

Copyright © 2014 PortSwigger Ltd. All rights reserved.