MCP.so
Sign In

BurpMCP

@swgee

About BurpMCP

Burp Suite Extension with MCP Server to enhance manual application security testing

Basic information

Category

Developer Tools

License

MIT

Runtime

java

Transports

stdio

Publisher

swgee

Config

Add this server to your MCP-compatible client using the configuration below.

{
  "mcpServers": {
    "burpmcp": {
      "autoApprove": [],
      "disabled": false,
      "timeout": 30,
      "url": "http://localhost:8181/mcp/sse",
      "transportType": "sse"
    }
  }
}

Tools

No tools detected

We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.

Overview

What is BurpMCP?

BurpMCP is a Burp Suite extension that integrates with Model Context Protocol (MCP) clients like Claude Desktop and Cursor, allowing LLMs to assist in manual HTTP-based application security testing. It provides tools to save, send, and modify requests, generate Collaborator payloads, and view debug logs, serving as an AI-powered sidekick for security testers, vulnerability researchers, and bug bounty hunters.

How to use BurpMCP?

Download the jar from releases and load it into Burp. The MCP server runs by default on localhost port 8181 over SSE. Configure your MCP client (e.g., Cline, Dive) with the SSE URL http://localhost:8181/mcp/sse. For STDIO‑only clients like Claude Desktop, use the provided stdio-bridge.py script. To send a request, right‑click it in Burp and select Extensions -> Send to BurpMCP. Saved requests appear in the “Saved Requests” tab and can be retrieved by the LLM.

Key features of BurpMCP

  • Save requests for MCP clients to retrieve.
  • Send new HTTP/1.1 and HTTP/2 requests.
  • Resend saved requests with regex string replacements.
  • Generate Collaborator payloads and retrieve interactions.
  • View all MCP messages in server logs for debugging.

Use cases of BurpMCP

  • Autonomous testing of HTTP-based applications with LLM guidance.
  • Navigating unfamiliar attack surfaces with AI‑driven exploration.
  • Out‑of‑band vulnerability detection via Collaborator payloads.
  • Streamlining repeater‑like tasks for large numbers of requests.
  • Debugging LLM‑driven testing workflows by inspecting MCP messages.

FAQ from BurpMCP

Why do models sometimes omit headers like Content‑Length or URL encoding?

This is a known model limitation, not a bug in BurpMCP. The LLM occasionally fails to add required components to requests.

What should I check if an HTTP/2 request fails?

Examine the request for forbidden headers. The HTTP/2 tool parameter specifies that such headers should be excluded, but the model may ignore this instruction.

How can I fix CRLF line endings in HTTP/1.1 requests?

Some MCP clients cannot send \r\n. BurpMCP can automatically replace LF with CRLF. Enable this feature in the extension settings.

Why does the LLM sometimes hang after an error response?

Some MCP clients do not acknowledge error responses promptly. The best workaround is to use a client that supports timeouts, such as Cline.

Are there limitations when resending requests over HTTP/2?

Headers are joined by newlines and re‑split before sending, and cookies become separate headers. This makes manual injection of newlines into header values difficult, limiting HTTP/2 protocol vulnerability testing.

Comments

More Developer Tools MCP servers