Join the 1500 companies using G2 Track to manage SaaS spend, usage, contracts & compliance.

BurpSuite

4.7
(19)

Burp Suite is a toolkit for web application security testing.

Work for BurpSuite?

Learning about BurpSuite?

We can help you find the solution that fits you best.

BurpSuite Reviews

Chat with a G2 Advisor
Write a Review
Filter Reviews
Filter Reviews
  • Ratings
  • Company Size
  • User Role
  • For Category
  • Industry
Ratings
Company Size
User Role
For Category
Industry
Showing 19 BurpSuite reviews
LinkedIn Connections
Sign in to G2 to see what your connections have to say about BurpSuite
BurpSuite review by Izan G.
Izan G.
Validated Reviewer
Verified Current User
Review Source
content

"The most complete pentesting suite for windows"

What do you like best?

Its very complete, the functionalities are very good. It has enormous uses, like trying to pentest your own website or making researches. Its free but you can pay for pro version and get more features like disk based projects and not be limited to temporary projects only.

What do you dislike?

I dont dislike anything, its hard to use but very well made

Recommendations to others considering the product

If you have IT knowledge and you want to start pentesting websites on windows this could be a very good option to go for.

What business problems are you solving with the product? What benefits have you realized?

It made us solve some vulnerabilities on our website, with the proxy MiTM option and right now we repair and debug some things with it. We got some bug comments on our website and to be repaired we needed to use a tool like this

What Vulnerability Scanner solution do you use?

Thanks for letting us know!
BurpSuite review by Dewank P.
Dewank P.
Validated Reviewer
Review Source
content

"Burpsuite"

What do you like best?

I love this tool, as a penetration tester, this is the most used testing tool in my arsenal of hacking tools. I have been using it ever since I have been working in the field of Application Security. It allows for intercepting the application traffic and manipulates it in ways which a browser would never let me do. This is the best web proxy tool ever!

What do you dislike?

Nothing, Burpsuite is one of my favorite tools and I personally don't feel it has any shortcomings, because it gives an option of extending its functionality using the extensions (BAAP store) this I feel it can be made better every day.

Recommendations to others considering the product

If you are doing penetration testing then burpsuite is a must!

What business problems are you solving with the product? What benefits have you realized?

I use it for all the web application security testing. This tool has helped me in intercepting all the types of web traffic. It works as an interceptor and a web proxy. It can also be used for mobile application testing.

BurpSuite review by Dewank P.
Dewank P.
Validated Reviewer
Review Source
content

"Burpsuite is the best security testing tool"

What do you like best?

I love this tool, as a penetration tester, this is the most used testing tool in my arsenal of hacking tools. I have been using it ever since I have been working in the field of Application Security. It allows for intercepting the application traffic and manipulates it in ways which a browser would never let me do. This is the best web proxy tool ever!

What do you dislike?

Nothing, Burpsuite is one of my favorite tools and I personally don't feel it has any shortcomings, because it gives an option of extending its functionality using the extensions (BAAP store) this I feel it can be made better every day.

What business problems are you solving with the product? What benefits have you realized?

I use it for all the web application security testing. This tool has helped me in intercepting all the types of web traffic. It works as an interceptor and a web proxy. It can also be used for mobile application testing.

BurpSuite review by Adam A.
Adam A.
Validated Reviewer
Review Source
content

"Gross Name, Great Product"

What do you like best?

Like a lot of software suites Burp is pretty intimidating at first - especially if you don't even have a theoretical background in pentesting which, when I downloaded it for a course, I didn't. It is extremely extensible and a lifetime could be spent exploring every possible application it has in securing a website: Python Scripter, XSS Validator, HeartBleed (or whatever your heart desires), BurpSuite has you covered. For doing some basic website security testing for a couple friends the free version had everything I needed.

What do you dislike?

As I mentioned, it is a bit bewildering at first, but that's not the software's fault.

What business problems are you solving with the product? What benefits have you realized?

Burp helped me help a few friends with their websites. It prevented them from being exploited by script kiddies. Since their sites do not need the highest level security possible, my the free version coupled with my amateurish pentesting skills was enough.

BurpSuite review by Glenn J.
Glenn J.
Validated Reviewer
Verified Current User
Review Source
content

"Burp Suite Pro is a great vulnerability scanner."

What do you like best?

Burp Suite Professional is a great tool that finds many of the vulnerabilities in a web application. It can be used to scan and replay attacks and also generates good reports. It can also be extended using Python or .

What do you dislike?

Burp Suite Professional can be bit difficult to use but once you learn the basics it is fairly easy to use.

Recommendations to others considering the product

Give it a try with the Free version and if you like it get a license. the cost is not very high.

What business problems are you solving with the product? What benefits have you realized?

I use Burp Suite Professional to perform vulnerability scans on all of our corporate websites before they are released to the production servers. This is part of our Security Review Process . I am also planning on making it part of static and dynamic security review DevSecOps practice.

BurpSuite review by Jose Antonio B.
Jose Antonio B.
Validated Reviewer
Verified Current User
Review Source
content

"Excelent Security tool"

What do you like best?

it's really easy to use, and also you can expand it with plugins, its a tools for beigneers to advance user, if you are starting with pentesting, this is a tool you need to try

What do you dislike?

theres not much to dislike about, maybe the fact that it consumes alot of memory but its because all the work it does on the background

Recommendations to others considering the product

sure, give it a try

What business problems are you solving with the product? What benefits have you realized?

app security audit, with burp its a piece of cake, now we can test app security in a professional way.

BurpSuite review by Administrator
Administrator
Validated Reviewer
Review Source
content

"My go-to product!"

What do you like best?

What isn't there to like about BurpSuite? I subscribe to the pro version, which is worth it primarily for the bit of automation it brings in with the real time scanner. This tool could easily handle a full web-app pen test on its own - acting as an intercept proxy, using the intruder and repeater functions you can exploit pretty much anything. It's easy to get started with, but there's a never-ending hole of more things you can do with it.

What do you dislike?

It seems like every time I open it there is an update I have to install - which is kind of annoying. Also, while the automated scanner is awesome, the scanner and spider can be quite slow sometimes.

What business problems are you solving with the product? What benefits have you realized?

We run regular pen tests on our SaaS products, so we use BurpSuite to discover and validate issues with our web apps. BurpSuite is a significant portion of our cyber-risk management procedures.

BurpSuite review by Jason F.
Jason F.
Validated Reviewer
Verified Current User
Review Source
content

"Greatest Web App Pentesting Solution!"

What do you like best?

What I like best is it's API and rich community submitted add-ons.

What do you dislike?

Custom attack vectors don't get saved. They have to be reloaded every time it's closed and re-opened.

Recommendations to others considering the product

There really isn't a better value for Web App pen testing and Fuzzing.

What business problems are you solving with the product? What benefits have you realized?

Saves me a ton of time manually testing web applications. I still code scan manually and with a code scanning software however BurpSuite lets me test the fixes in a quite automated fashion.

BurpSuite review by User in Computer Software
User in Computer Software
Validated Reviewer
Review Source
content

"Quick jump into web security testing"

What do you like best?

I like the speed of Burp Suite vs. others suites/tools that I have tried. It is a nice mix of useful attack vectors and output information. I can target and scan quickly and get the info I'm needing to pass on to my developers for fixing.

What do you dislike?

It has a bit of a strong learning curve. When training new QA in the roles and areas of security they find it difficult. If I take a developer to train them on the suite they are up and running quickly. It is not a tool geared for the newbie QA person.

Recommendations to others considering the product

Finding a strong level of training materials would be helpful. The easiest materials to find are difficult for a new user to traverse and get comfortable with the software quickly. For a seasoned developer it is fine. So it will depend on the level of development work a person has done or is comfortable with to be able to use all the features of the product efficiently.

Take time to learn the product before placing it in to a common use or against your production server. you can cause issues to current customers on a live server. Use a test environment that is as close to your live model as possible.

What business problems are you solving with the product? What benefits have you realized?

We have an e-commerce site, which allows a large amount of customer data to flow through. We need to find where and what type of attacks could take the site down or compromise customer data. We have realized this kind of tool is extremely helpful in finding the areas of weakness before a malicious attacker might find them.

BurpSuite review by Administrator
Administrator
Validated Reviewer
Review Source
content

"The things you will find"

What do you like best?

Burp suite is amazingly powerful and an extremely versatile tool for website and application security testing. With the professional edition you can use the passive/active scanning feature and add-ons for further features. The passive/active scans are wonderful at finding and testing website's security for things such as cross-site scripting vulnerabilities to outdated plugins. Also, compared to other tools, the license for this product is extremely cheap at around $400 for all of the features that are included.

What do you dislike?

Burp suite is a giant in the amount of features and tools that it has, it can and will take a long time to get to know how to properly use the application. The professional and community edition are extremely similar, so it would be a good idea to practice and explore the options on the community edition before buying a license for the product.

Recommendations to others considering the product

Definitely download and try it out before you consider purchasing the professional license. Theres a lot of functionality with the product, but if you don't know what you're doing or want to do those features will be wasted.

What business problems are you solving with the product? What benefits have you realized?

We are using BurpSuite as a tool to use during our penetration tests. It is extremely helpful in testing various websites and website applications security. Also, there's a repeater function that allows you to see and understand what may have lead the web application to be vulnerable and allows you to repeat it to further prove the point.

BurpSuite review by Avinash M.
Avinash M.
Validated Reviewer
Review Source
content

"Experience in application security texting"

What do you like best?

The manual testing using this tool. There are various options like intruder, repeater, scanner, repeater crawling the site and scanning etc.. Burp provides all options that a hacker needsto break in on to any application. We can also integrate it with major automatic scanners.

What do you dislike?

There’s nothing to dislike in this tool so far in my experience. The scanning option is not straight forward to use it. Beginners will get little confused when using this option

What business problems are you solving with the product? What benefits have you realized?

Cost effective and easy installation. The pro version is $300 and it’s very reasonable price for any scale organization to afford.

BurpSuite review by User in Financial Services
User in Financial Services
Validated Reviewer
Verified Current User
Review Source
content

"Great tool"

What do you like best?

Flexibility and light resource requirements, ability to customize and create new plugins. Support for python

What do you dislike?

since it's based on java, there are some memory management optimization issues and memory size limitations when using it for a larger site

Recommendations to others considering the product

cost to benefit ratio far outweighs any other commercial tools. One of the best tools to leverage. Recommendation is to not use it as a single tool if your budget allows, by supplementing with other scanners like Appscan or WebInspect.

What business problems are you solving with the product? What benefits have you realized?

proactive identification of serious security defects on websites and underlying technologies

BurpSuite review by Consultant in Computer Software
Consultant in Computer Software
Validated Reviewer
Verified Current User
Review Source
content

"Best proxy "

What do you like best?

multiple things. First its a good proxy. Also, i can send request to repeater and get alot of stuff done. Next, when performing sqli, i can use the intruder feature.

What do you dislike?

the user interface. its so clumsy and non friendly. If they make the UI better, they can sell it for a better price

Recommendations to others considering the product

You can always write your own proxy but the sophistication of this tool is unmatched

What business problems are you solving with the product? What benefits have you realized?

I work with clients to analyze the traffic and check for vulnerabilities

BurpSuite review by Cody W.
Cody W.
Validated Reviewer
Review Source
content

"Intuitive"

What do you like best?

BurpSuite and it's features are intuitive to use and find. Makes request interception and inspection a breeze.

What do you dislike?

I wish the setup between BurpSuite and the target was smoother or more in sync.

Recommendations to others considering the product

BurpSuite is a very intuitive application with a multitude of different uses for anyone looking into penetration testing and bug review / inspections.

What business problems are you solving with the product? What benefits have you realized?

Vulnerability testing in web applications and design.

BurpSuite review by User in Computer & Network Security
User in Computer & Network Security
Validated Reviewer
Review Source
content

"Great software"

What do you like best?

Burp Suite is amazing web application scanner. The capabilities that it includes are amazing. I like all of the functionality and the extensions. It really allows you to be thorough and find vulnerabilities in your software.

What do you dislike?

It can be a bit of learning curve, and the documentation is a bit all over the place. Would love to see a more centralized documentation system with robust system notes.

Recommendations to others considering the product

The community edition is free, but you must pay for pro

What business problems are you solving with the product? What benefits have you realized?

I used BurpSuite to try to identify vulnerabilities in web applications. It really allows you to be thorough.

BurpSuite review by Matt B.
Matt B.
Validated Reviewer
Review Source
content

"Burpsuite is one of the best network protocol security products available"

What do you like best?

I love the ability to capture http requests and make modifications before passing them to the application for testing and security posture analysis.

What do you dislike?

Some of the features are not intuitive, and/or require additional setup which is difficult to perform without specific training.

What business problems are you solving with the product? What benefits have you realized?

Being able to re-play network requests and iterate through possible parameter options with much less interaction.

BurpSuite review by User in Information Technology and Services
User in Information Technology and Services
Validated Reviewer
Verified Current User
Review Source
content

"The Tool of the Trade"

What do you like best?

Burp provides an easy way to proxy web and mobile application traffic.

What do you dislike?

The User Interface often has bugs when utilizing a multi-monitor system, such as unreadable font sizes, or unclickable elements.

Recommendations to others considering the product

This will be the only tool you need for the job.

What business problems are you solving with the product? What benefits have you realized?

We perform web application testing and use BurpSuite to easily modify HTTP traffic, which is the core function of our jobs.

BurpSuite review by User
User
Validated Reviewer
Review Source
content

"Really good Application scanning tool"

What do you like best?

Burp is an incredibly versatile security testing tool for application, most pentesters that i have spoken to use this as a key tool in their testing. Burp can be used by relatively untrained users, but also has the capability to proform task by advanced users.

What do you dislike?

If Burp offered the ability within the tool to scheduled scans it would satisfy a lot more users

Recommendations to others considering the product

Give it ago, you can use the community version to get started and pay for the professional when you realize how good it is.

What business problems are you solving with the product? What benefits have you realized?

Identifying vulnerable pages that need attention.

Kate from G2

Learning about BurpSuite?

I can help.
* We monitor all BurpSuite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.