Burp Suite 2023.10.3.4 Released – What’s New!

Burp Suite 2023.10.3.4 is the name of the newest version of Burp Suite, which was just published by the PortSwigger developers.

The Burp Suite is a cybersecurity tool that is used for evaluating the security of online applications. It performs the role of an intercepting proxy and enables users to see and alter the traffic between a web browser and the application that focuses their attention.

Burp Suite helps identify and address security vulnerabilities, such as:-

• SQL injection
• Cross-site scripting (XSS)

It also helps identify other common web application flaws, making it an essential tool for ethical hackers and security professionals.

Protect Your Storage With SafeGuard

Is Your Storage & Backup Systems Fully Protected? – Watch 40-second Tour of SafeGuard

StorageGuard scans, detects, and fixes security misconfigurations and vulnerabilities across hundreds of storage and backup devices.

Try StorageGuard for Free

What’s New?

The latest version of Burp Suite includes Bambdas, a filter for HTTP requests that can be customized using Java code snippets. Additionally, subdomains may be added to the target scope, TLS passthrough can be enabled for out-of-scope objects, and BChecks can be exported.

Here below, we have mentioned all the new additions:-

• Advanced HTTP history filtering using Bambdas: Customize Burp Suite with Bambdas with the help of small Java code snippets now available in Proxy > HTTP history. Filter your HTTP history for precise results, eliminating noise. Try Bambdas in Proxy > HTTP history tab for a tailored experience.
• Exporting BChecks: Easily share BChecks across Burp instances by exporting selected ones. See their GitHub repository for BChecks from PortSwigger and the Burp Suite community.
• Increased support for notes throughout Burp: PortSwigger expands notes, allowing you to record key info on tabs for easy access later. Notes copy between tabs and tools for seamless use. Use the sidebar’s Notes panel to add and access notes efficiently.
• TLS passthrough for out-of-scope items: Optimize performance by applying TLS passthrough for out-of-scope items in the target scope settings. It’s enabled automatically when choosing to Stop logging out-of-scope items.
• Include subdomains in target scope: Expand target scope by including subdomains of selected hosts. Check ‘Include subdomains’ in Target > Scope settings to activate.
• Improved Task details dialog:

• Replaced the Details tab with Summary for easier navigation.
• Includes critical vulnerabilities, task progress, and real-time task log.
• New Issues tab lists all scan findings.
• Renamed Issue activity to Audit log.
• Easily view further details in the Event log with a single click.

Checks Grammar Enhancements:

• A removing query_string action that removes an entire query string from a request.
• A new variable that returns Burp’s User-Agent header.
• A new pre-defined variable called insertion_point_base_value contains the base value of the current insertion point.
• A new per-path BCheck template that you can base your checks on.
• BChecks can now return more than one issue.
• Developers have also updated the grammar version to v2-beta.

Other Improvements

After a scan, the Burp Scanner checks the Collaborator server every minute for 10 minutes, then reverts to 10-minute intervals. 

Besides this, the instant out-of-band interactions are now reported faster. Burp’s built-in browser upgraded to version:-

• 119.0.6045.123 on Mac/Linux
• 119.0.6045.123/.124 on Windows

You can download the lastest version of Burp Suite Here.

Patch Manager Plus, the one-stop solution for automated updates of over 850 third-party applications: Try Free Trial.