Burp Suite's 2025.1 update brings significant enhancements to streamline penetration testing workflows. A standout feature is the Auto-Pause Attack in Burp Intruder, which allows users to automatically pause ongoing attacks when specific conditions are met in HTTP responses. This functionality optimizes memory usage during large-scale attacks and helps testers focus on relevant results without manual intervention. Additionally, Burp Suite now highlights discrepancies in the Content-Length response header, flagging instances where the declared length doesn't match the actual size of the response body. This enhancement is particularly useful for identifying issues like HTTP request smuggling or other anomalies in server responses. The Collaborator tool has also been updated to support exporting interaction data as CSV files, making it easier for security professionals to include detailed interaction logs in proof-of-concept reports or presentations. Users can now mark interactions as "read," helping them differentiate between reviewed and new activities more effectively. These updates aim to improve usability, efficiency, and technical robustness for penetration testers and cybersecurity professionals.
In addition to these features, Burp Suite's integrated browser has been upgraded to Chromium version 132.0.6834.84 for Windows and macOS, and 132.0.6834.83 for Linux. This ensures compatibility with modern web standards and enhances performance during manual testing workflows. Several bugs have also been resolved in this release to improve stability and user experience. For example, issues with cursor positioning in the message editor and problems with Burp Loggerβs view filter have been addressed. The update also corrects payload encoding issues when creating new Intruder tabs with encoding disabled and fixes non-functional hotkeys for adding notes in Burp Organizer and Repeater. These improvements contribute to a more seamless and efficient testing experience for users.