Projects / Burp spider

Burp spider

Burp spider is a tool for enumerating Web-enabled applications. It uses various intelligent techniques to generate a comprehensive inventory of an application's content and functionality. Key features include parsers for HTML and JavaScript, presentation of findings in tree and table formats, handling of HTML forms with automatic or user-guided form submission, authentication to protected areas of the application using supplied credentials, cookie processing, detection of custom "not found" responses, fine-grained scope control, SSL support, identification of dynamic "application" pages which use data parameters or are session-dependent, and IDS evasion techniques.

Operating Systems

Recent releases

  •  11 Aug 2005 18:46

    Release Notes: This release can "passively" spider Web applications, with all requests originating from the user's browser. A regex-based search and highlight function was added to all text panes. Server HTML responses are now rendered as Web pages. This release is fully integrated with the other burp suite tools. The scope for a spidering session can be specified using both URL regex and IP ranges. Preferences are optionally persistent across program launches.

    •  06 May 2004 15:50

      Release Notes: Substantial performance improvements have been made, increasing speed and reducing CPU utilization. Advanced communications options were added, including proxy server support, authentication using basic, NTLM, and digest types, and configurable timeout values.

      •  23 Mar 2004 22:05

        No changes have been submitted for this release.


        Project Spotlight


        A Fluent OpenStack client API for Java.


        Project Spotlight

        TurnKey TWiki Appliance

        A TWiki appliance that is easy to use and lightweight.