PortSwigger has announced the release of Burp Suite Professional and Community Edition 2025.2, introducing significant updates that include AI integration into the Montoya API, enhancing the capabilities for building smarter, AI-powered extensions.
Bug Fixes and Browser Updates:
A notable bug fix corrects the display of source IP addresses for DNS requests over IPv6 in the Burp Collaborator.
Additionally, the browser component of Burp Suite has been updated to Chromium 133.0.6943.54 for Windows and Mac, and 133.0.6943.53 for Linux, ensuring compatibility and security with the latest web technologies.
This update marks a significant leap in integrating AI into security testing, promising more intelligent and efficient tools for both professional and community users of Burp Suite.
AI Integration in Montoya API:
The latest version of Burp Suite now features built-in AI support within the Montoya API, allowing extensions to interact securely with a large language model (LLM) via PortSwigger’s custom AI platform.
This integration facilitates advanced automation and data analysis without the need for external API keys or complex setups.
Users can now leverage AI to perform tasks like generating custom transformation tags or creating code in various programming languages directly within Burp Suite extensions.
Burp Suite introduces AI credits, a straightforward payment mechanism for AI interactions to fuel these new AI-driven features. Each user starts with 10,000 free credits, equivalent to $5 in AI requests.
An example of this in action is the AI-enhanced Hackvertor extension, where AI can generate or modify tags based on natural language inputs or observed traffic patterns.
Alongside these technological enhancements, PortSwigger has updated its data processing agreement to encompass the new AI service provisions.
Upon updating to this version of Burp Suite, users must accept the new End User License Agreement (EULA).
Bambda Library:
A new Bambda library has been added, providing a centralized place to store, manage, and reuse Bambdas across various Burp tools.
Users can import Bambdas from shared sources or the dedicated GitHub repository, enhancing the customization and efficiency of security testing workflows.
To simplify the process of developing extensions, a ready-to-use starter project is now available directly within Burp Suite. This project includes pre-configured files to kickstart development, making it easier for developers to begin coding immediately.
API Updates and Quality of Life Improvements:
The Montoya API has been updated to support better management of project file IDs and parameter retrieval.
Furthermore, general usability has been improved with features like persistent settings in Intruder, a new session handling action for request modifications, and options to streamline extension reloading.
Upgrade Your Cybersecurity Skills With 150+ Practical Cybersecurity Courses Online - Enroll Here
