PortSwigger has announced the release of Burp Suite Professional and Community Edition 2025.2, introducing significant updates that include AI integration into the Montoya API, enhancing the capabilities for building smarter, AI-powered extensions.
A notable bug fix corrects the display of source IP addresses for DNS requests over IPv6 in the Burp Collaborator.
Additionally, the browser component of Burp Suite has been updated to Chromium 133.0.6943.54 for Windows and Mac, and 133.0.6943.53 for Linux, ensuring compatibility and security with the latest web technologies.
This update marks a significant leap in integrating AI into security testing, promising more intelligent and efficient tools for both professional and community users of Burp Suite.
The latest version of Burp Suite now features built-in AI support within the Montoya API, allowing extensions to interact securely with a large language model (LLM) via PortSwigger’s custom AI platform.
This integration facilitates advanced automation and data analysis without the need for external API keys or complex setups.
Users can now leverage AI to perform tasks like generating custom transformation tags or creating code in various programming languages directly within Burp Suite extensions.
Burp Suite introduces AI credits, a straightforward payment mechanism for AI interactions to fuel these new AI-driven features. Each user starts with 10,000 free credits, equivalent to $5 in AI requests.
An example of this in action is the AI-enhanced Hackvertor extension, where AI can generate or modify tags based on natural language inputs or observed traffic patterns.
Alongside these technological enhancements, PortSwigger has updated its data processing agreement to encompass the new AI service provisions.
Upon updating to this version of Burp Suite, users must accept the new End User License Agreement (EULA).
A new Bambda library has been added, providing a centralized place to store, manage, and reuse Bambdas across various Burp tools.
Users can import Bambdas from shared sources or the dedicated GitHub repository, enhancing the customization and efficiency of security testing workflows.
To simplify the process of developing extensions, a ready-to-use starter project is now available directly within Burp Suite. This project includes pre-configured files to kickstart development, making it easier for developers to begin coding immediately.
The Montoya API has been updated to support better management of project file IDs and parameter retrieval.
Furthermore, general usability has been improved with features like persistent settings in Intruder, a new session handling action for request modifications, and options to streamline extension reloading.
Upgrade Your Cybersecurity Skills With 150+ Practical Cybersecurity Courses Online - Enroll Here
In recent months, a sophisticated social engineering technique known as ClickFix has gained significant traction…
A critical security incident has been uncovered involving the popular GitHub Action tj-actions/changed-files, which is…
The FBI has issued a warning about a growing threat involving free file conversion tools,…
A recent investigation has uncovered previously unknown cryptojacking malware, dubbed MassJacker, which primarily targets users…
SocGholish, a sophisticated malware-as-a-service (MaaS) framework, has been identified as a key enabler in the…
A recent cybersecurity threat has emerged in the form of a steganographic campaign that uses…