Burp Suite Reviews & Product Details

To be honest, what I like most about Burp Suite is how it gives you complete control over the “conversation” between your browser and the server. It feels like being a digital middleman, where nothing slips through unless you allow it.I been using Burp for a bit now and honestly, the interceptor is a lifesaver. It’s so satisfying to catch a request and manually change the parameters to see if I can bypass some weak validation. I mostly use repeater to spam different payloads or just change headers on the fly to see how the app reacts. Sometimes the interface feels a bit cluttered with all the tabs, but once you get the hang of the workflow, its way better than any other tool. Only thing that sucks is the Pro version price tag, but for what it does, its kinda worth it if you're serious about bug bounties Review collected by and hosted on G2.com.

My biggest pain point is definitely the pricing. The Professional license is a huge jump from the free version, especially for individual researchers. Review collected by and hosted on G2.com.

Best tool in the market for web application manual testings, APIs and mobile dyanmic testing. The UI is simple with lots of features. Extensions are really useful especially considering that we can code our own and add it for almost all cases. The discord channel is great for support and they respond to email quite early as well. It is easy to connect with any browser, mobile device (considering you bypassed SSL pinning) or postman. I use it daily for my VAPT job and bug bounty. Review collected by and hosted on G2.com.

There are frequent updates but most don't include any major changes. Some features are missing and quite hard to implement using self-made extensions (e.g. auto updating token from body response that is used in custom header). Additionally, it is expensive per user. Review collected by and hosted on G2.com.

What I like best about Burp Suite is the level of control and visibility it provides during web application testing. The intercepting proxy makes it easy to inspect, modify, and replay requests in real time, which is extremely helpful for understanding application logic and finding vulnerabilities. Tools like Repeater, Intruder, and Scanner work seamlessly together, making both manual and automated testing efficient. Its detailed insights, flexibility, and strong community support make it one of the most effective tools for learning and performing real-world security testing. Review collected by and hosted on G2.com.

What I dislike about Burp Suite is the steep learning curve for beginners, especially when first understanding the proxy setup and tool workflow. Many powerful features are restricted to the paid version, which can be limiting for students and independent learners. It can also be resource-intensive on lower-end systems, sometimes affecting performance during large scans. Additionally, manual testing requires experience to use effectively, as Burp does not always guide new users clearly. Review collected by and hosted on G2.com.

I really like Burp Suite's easy UI interface. It's super easy to understand and helps me guess the parameters, intercept, and change the proxies without much hassle. The interface is quite easy to use, allowing me to intercept traffic and make changes in requests effortlessly. Additionally, the setup process for Burp Suite is straightforward—you just download and configure it, which is also easy. Overall, it's very user-friendly. Review collected by and hosted on G2.com.

Nothing everything is so good till now as its the best tool available for manul security assessments. Review collected by and hosted on G2.com.

Currently, I use the community version that comes pre-installed with Kali Linux, but a friend of mine has access to the professional licensed version through his workplace. I had the chance to borrow his device for a few hours to explore the differences between the community and professional versions, and I must say, it was a fantastic experience. What stood out to me most was the user-friendly interface—it's easy to navigate, and you can quickly figure out the purpose of each tab. Integration with browsers is seamless through a proxy extension, and it also supports emulators via ADB, capturing web sockets efficiently. The most exciting discovery for me was learning about its new AI integration, which assists in exploring detected risks and exploiting them thoroughly. Isn't that just amazing? I'm definitely looking forward to getting the professional version for myself soon. Without a doubt, this remains my go-to hacking tool. Review collected by and hosted on G2.com.

Truly speaking I hardly think there's anything Burp Suite isn't capable of doing, ya but if can can extend support to network security maybe a couple of new tabs which integrate with tools like Tenable Nessus, nikto, sslscan, nmap so it can become a full fledged scanner for everything. Review collected by and hosted on G2.com.

Burp Suite is incredibly user-friendly for a tool with such depth. The interface is well-organized, and even beginners can start intercepting and analyzing traffic with minimal setup. Real-time interception and request modification through the Proxy and Repeater tools are extremely powerful — they allow me to instantly test and validate web vulnerabilities as I discover them. The ability to view and manipulate requests and responses in real time makes it an essential tool in any web security assessment. Review collected by and hosted on G2.com.

Burp Suite enables me to perform real-time web application security testing in a controlled, efficient manner. It eliminates the need to manually craft and send HTTP requests by providing an interactive testing workflow. Whether I'm testing for XSS, SQL injection, or authentication flaws, the live interception and detailed request/response view allow me to identify issues instantly and adjust attack vectors on the fly. It has significantly improved the speed and accuracy of my assessments. Review collected by and hosted on G2.com.

Burp Suite is a powerful, user friendly tool for web security testing. It combines awesome automated scanning feature with deep manual control, making it ideal for both beginners and pros. Its strong community support, and all-in-one features make it a must have toolkit for ethical hackers and penetration testers. Review collected by and hosted on G2.com.

Burp Suite’s biggest drawbacks is its steep learning curve for advanced features and its resource intensity, which can slow down large machines. Review collected by and hosted on G2.com.

Burpsuite brings everything i need to perform web application penetration testing into one easy to use gui. The ui is clean and beginner friendly yet powerful enough to earn money doing pentesting. Review collected by and hosted on G2.com.

Some parts of burp suite feels overwhelming at first and the free verison is quite limited which is a restriction for beginners to explore. Review collected by and hosted on G2.com.

I use Burp Suite Community edition of Burp Suite and it has blends of features for hackers to hack. What I like best about Burp Suite is its ease of use and comprehensive features that make it highly effective for both beginner and advanced security professionals. The tool’s ease of implementation allows users to get up and running quickly, while its customer support and regular updates provide a reliable experience. With an impressive number of features for web application security testing, Burp Suite supports extensive integration with other tools, enabling seamless workflows. The frequency of use in the cybersecurity community speaks to its versatility and robustness in identifying vulnerabilities efficiently. Review collected by and hosted on G2.com.

There is no reason to dislike this amazing tool. A bit costly the Pro version but worth it. Review collected by and hosted on G2.com.

Deep Automation and Manual Approach for testing Review collected by and hosted on G2.com.

Yearly charges are too high for small organizations Review collected by and hosted on G2.com.