Burp Suite 2023.6

A brand-new release of Burp Suite 2023.6, tailored for both Professional and Community users, has been rolled out recently by PortSwigger.

This new Burp Suite 2023.6 comes with a multitude of advancements and several bug fixes. Renowned for its informal alias, the “Pentester’s Swiss Army Knife,” Burp Suite is a versatile toolkit that provides web application pentesters with a comprehensive set of tools.

PortSwigger, the developer and maintainer of this security tool, has crafted this tool in Java to enable the testing of web applications more efficiently for security vulnerabilities.

Internal tools

Pentester’s Swiss Army Knife Burp Suite offers several tools that come pre-inbuilt with the complete package, and here below, we have mentioned them:-

  • Proxy
  • Target
  • Scanner
  • Spider
  • Intruder
  • Repeater
  • Collaborator client
  • Clickbandit
  • Sequencer
  • Decoder
  • Extender
  • Comparer

What’s New In Burp Suite 2023.6?

Along with numerous enhancements and bug fixes, this latest release is accompanied by the BChecks, revolutionizing the concept of custom scan checks. 

Burp Scanner’s live crawl path views have significantly improved, while GraphQL scan checks have received considerable attention.

Here below, we have summarized the newly added and updated features:-

  • Custom scan checks: Unlocking a new level of customization, BChecks empower you to create and import personalized scan checks. Burp Scanner seamlessly incorporates these checks into its existing scanning routine, allowing you to optimize your scans and streamline your testing workflow with utmost efficiency.
  • GraphQL scan checks: This new version brings several new GraphQL scan checks. The new GraphQL scan checks give you the ability to perform the following things:- 
  • Identify and maintain a list of any GraphQL endpoints discovered during the crawl.
  • Identify if introspection queries are enabled.
  • Find out if GraphQL suggestions are enabled.
  • Test for CSRF vulnerabilities in all discovered GraphQL endpoints.
  • Live crawl paths view improvements: The crawler’s navigation actions from a specific location on the crawl path can now be viewed, aiding in understanding your site’s structure. Burp’s browser screenshot can be viewed at any crawl location, accessible through the Crawl paths tab in the scan task details window, while the shortest crawl path tree is enclosed when a project file is reopened.

Other Improvements

PortSwigger’s update to the Montoya API allows users to create extensions that offer extended functionality, amplifying their capabilities.

By utilizing the hotkey Ctrl + Shift + O, you can now effortlessly navigate to the Organizer tab for swift access. Within the Dashboard’s Issue activity table, you can filter issues based on your target scope.

A transformative update from PortSwigger has redefined the launch process of Burp’s browser, introducing a more efficient and user-friendly method.

Moreover, the users can now utilize the tool with accounts from websites that employ fingerprinting techniques to identify the existence of the DevTools listener.

Burp Suite 2023.6 Bug Fixes

A significant improvement has been made to the Organizer table functionality—changing the highlight no longer causes the current row to be deselected.

Furthermore, Intruder attack results in Burp Suite Community Edition now seamlessly integrate filters with precision.

Burp’s integrated browser has been upgraded, running on version 114.0.5735.110 for Windows and 114.0.5735.106 for Mac and Linux.

This update’s comprehensive collection of fixes allows users to enjoy enhanced security measures. You can download the Burp Suite Latest Version Here.

You can check Burp Suite tutorials to learn more about its operations. Take a certified Web Penetration tester course to learn more in-depth about burp suite operations and how it’s practically used in the penetration testing industry.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus
.

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.