Cyber Security News

Burp Suite 2025.1 Released, What’s New!

Burp Suite 2025.1, is packed with new features and enhancements designed to improve your web application testing workflow.

This latest version brings exciting upgrades like auto-pausing Burp Intruder attacks based on response content, exporting Collaborator interactions to CSV, highlighting Content-Length mismatches, a browser upgrade, and several bug fixes. Let’s dive into what’s new.

Game-Changing Features

Auto-Pause Intruder Attacks

The Auto-pause attack feature is a significant enhancement to Burp Intruder. This new functionality allows you to pause attacks automatically when specific criteria are met—such as when a specified expression appears in or is missing from the response.

 This not only optimizes memory usage during large-scale attacks but also helps testers zero in on relevant responses without unnecessary manual intervention.

Are you from SOC/DFIR Teams? - Analyse Malware Files & Links with ANY.RUN Sandox -> Try for Free

Content-Length Mismatch Highlighting

Burp Suite is now smarter at identifying vulnerabilities! The tool will automatically flag HTTP responses where the Content-Length header value doesn’t match the actual response body size.

This feature is especially helpful in spotting issues like HTTP request smuggling, making your vulnerability assessment process faster and more accurate.

CSV Export for Collaborator Interactions

A highly requested feature, users can now export all Collaborator interactions as CSV files. This makes it easier to include detailed interaction logs in reports or proof-of-concept demonstrations.

Additionally, you can mark Collaborator interactions as read, allowing you to keep track of reviewed items and focus on new or important activities.

Bug Fixes and Usability Improvements

PortSwigger has resolved several bugs to enhance the user experience:

  • Fixed issues with Home and End keys causing cursor misplacement in the message editor.
  • The Burp Logger view filter now correctly reapplies after reaching the capture limit.
  • Resolved a bug where new configurations were not displayed in the configuration library without restarting Burp.
  • Addressed payload encoding character errors when creating a new Intruder tab.
  • Fixed non-functional hotkeys (e.g., Add notes hotkey) in modules like Organizer and Repeater.
  • Copying text using Ctrl+C in BCheck preview now works seamlessly on Linux and Windows.
  • Extensions with WebSocket message editor implementations now load correctly, eliminating disappearing tabs.

Burp’s embedded browser has been upgraded to Chromium 132.0.6834.84 (Windows & macOS) and 132.0.6834.83 (Linux). This update ensures better security, compatibility, and performance in web testing environments. 

With Burp Suite 2025.1, PortSwigger demonstrates its commitment to enhancing efficiency and accuracy for security testers.

Whether you’re running large-scale attacks, detecting subtle mismatches, or presenting findings, this release brings something useful for everyone.

Integrating Application Security into Your CI/CD Workflows Using Jenkins & Jira -> Free Webinar



Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Blue Shield Exposed Health Data of 4.7 Million via Google Ads

Blue Shield of California has disclosed a significant data privacy incident affecting up to 4.7…

46 minutes ago

Microsoft Offers $30,000 Bounties for AI Security Flaws

Microsoft has launched a new bounty program that offers up to $30,000 to security researchers…

1 hour ago

The Human Firewall: Strengthening Your Weakest Security Link

Despite billions spent annually on cybersecurity technology, organizations continue to experience breaches with alarming frequency.…

2 hours ago

WhatsApp Launches Advanced Privacy Tool to Secure Private Chats

WhatsApp, the world’s leading messaging platform, has unveiled a major privacy upgrade called "Advanced Chat…

2 hours ago

Hackers Exploit NFC Technology to Steal Money from ATMs and POS Terminals

In a disturbing trend, cybercriminals, predominantly from Chinese underground networks, are exploiting Near Field Communication…

16 hours ago

Threat Actors Leverage TAG-124 Infrastructure to Deliver Malicious Payloads

In a concerning trend for cybersecurity, multiple threat actors, including ransomware groups and state-sponsored entities,…

16 hours ago