Burp Suite MCP Server
Allows LLMs to retrieve data from Burp Suite proxy history, including raw requests, request types, URLs, hosts, request bodies, raw responses, response types, status codes, and response bodies.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Burp Suite MCP Servershow me all POST requests to /api/login"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Burp Suite MCP Server
项目简介
BurpsuiteMCP 是一个模型上下文协议服务器,允许LLMs从Burp Suite代理历史记录中检索数据, 从而帮助研究人员和渗透测试人员更有效地进行安全测试和分析。
该项目灵感来自于GhidraMCP
Related MCP server: DuckDB MCP Server
主要功能
基于SQL的数据查询:使用类似SQL的语法从Burp Suite代理历史记录中检索数据
目前支持从Burp Suite代理历史记录中检索数据包括:
原始请求
请求类型(POST, GET, etc.)
请求URL
Host
请求体
原始响应
响应类型
响应状态码
响应体
相比于官方的MCP:
优点:
可以指定
HTTP History的返回字段, 避免同意返回带来上下文过长的问题。
缺点:
其他功能没官方多
也没有UI
演示
https://github.com/user-attachments/assets/466e0c4a-137d-4589-a8e7-7ffbb37fb863
安装说明
前提条件
Java 17 或更高版本
Python 3.11或更高版本
安装步骤
安装Burp Suite扩展:
下载最新的
MCPBurpExtension.jar文件在Burp Suite中,打开"扩展"选项卡
点击"添加"按钮,选择"Java扩展"
选择下载的JAR文件
扩展将在端口8889上启动HTTP服务器
安装Python依赖:
uv sync
使用指南
基本用法
use MCP Client
{
"mcpServers": {
"burpsuite": {
"command": "python",
"args": [
"/ABSOLUTE_PATH_TO/burpsuite_mcp.py"
]
}
}
}This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/N0el4kLs/BurpMCP'
If you have feedback or need assistance with the MCP directory API, please join our Discord server