Thursday, May 8, 2025
HomeCyber Security NewsBurp Suite Professional / Community 2025.2 Released With New Built-in AI Integration

Burp Suite Professional / Community 2025.2 Released With New Built-in AI Integration

Published on

SIEM as a Service

Follow Us on Google News

PortSwigger has announced the release of Burp Suite Professional and Community Edition 2025.2, introducing significant updates that include AI integration into the Montoya API, enhancing the capabilities for building smarter, AI-powered extensions.

Bug Fixes and Browser Updates:

A notable bug fix corrects the display of source IP addresses for DNS requests over IPv6 in the Burp Collaborator.

Additionally, the browser component of Burp Suite has been updated to Chromium 133.0.6943.54 for Windows and Mac, and 133.0.6943.53 for Linux, ensuring compatibility and security with the latest web technologies.

- Advertisement - Google News

This update marks a significant leap in integrating AI into security testing, promising more intelligent and efficient tools for both professional and community users of Burp Suite.

AI Integration in Montoya API:

The latest version of Burp Suite now features built-in AI support within the Montoya API, allowing extensions to interact securely with a large language model (LLM) via PortSwigger’s custom AI platform.

This integration facilitates advanced automation and data analysis without the need for external API keys or complex setups.

Users can now leverage AI to perform tasks like generating custom transformation tags or creating code in various programming languages directly within Burp Suite extensions.

Burp Suite introduces AI credits, a straightforward payment mechanism for AI interactions to fuel these new AI-driven features. Each user starts with 10,000 free credits, equivalent to $5 in AI requests.

An example of this in action is the AI-enhanced Hackvertor extension, where AI can generate or modify tags based on natural language inputs or observed traffic patterns.

Alongside these technological enhancements, PortSwigger has updated its data processing agreement to encompass the new AI service provisions.

Upon updating to this version of Burp Suite, users must accept the new End User License Agreement (EULA).

Bambda Library:

A new Bambda library has been added, providing a centralized place to store, manage, and reuse Bambdas across various Burp tools.

Users can import Bambdas from shared sources or the dedicated GitHub repository, enhancing the customization and efficiency of security testing workflows.

To simplify the process of developing extensions, a ready-to-use starter project is now available directly within Burp Suite. This project includes pre-configured files to kickstart development, making it easier for developers to begin coding immediately.

API Updates and Quality of Life Improvements:

The Montoya API has been updated to support better management of project file IDs and parameter retrieval.

Furthermore, general usability has been improved with features like persistent settings in Intruder, a new session handling action for request modifications, and options to streamline extension reloading.

Upgrade Your Cybersecurity Skills With 150+ Practical Cybersecurity Courses Online - Enroll Here

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Top Ransomware Groups Target Financial Sector, 406 Incidents Revealed

Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector...

Agenda Ransomware Group Enhances Tactics with SmokeLoader and NETXLOADER

The Agenda ransomware group, also known as Qilin, has been reported to intensify its...

SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks

SpyCloud, the leading identity threat protection company, today released an analysis of nearly 6...

PoC Tool Released to Detect Servers Affected by Critical Apache Parquet Vulnerability

F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Top Ransomware Groups Target Financial Sector, 406 Incidents Revealed

Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector...

Agenda Ransomware Group Enhances Tactics with SmokeLoader and NETXLOADER

The Agenda ransomware group, also known as Qilin, has been reported to intensify its...

PoC Tool Released to Detect Servers Affected by Critical Apache Parquet Vulnerability

F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect...