MCP.so
登录

Burp Suite MCP Server

@N0el4kLs

关于 Burp Suite MCP Server

MCP Server for Burpsuite

基本信息

分类

其他

运行时

java

传输方式

stdio

发布者

N0el4kLs

配置

使用下面的配置,将此服务器添加到你的 MCP 客户端。

{
  "mcpServers": {
    "burpmcp-n0el4kls": {
      "command": "uv",
      "args": [
        "sync"
      ]
    }
  }
}

工具

未检测到工具

工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。

概览

What is Burp Suite MCP Server?

Burp Suite MCP Server is a Model Context Protocol server that enables LLMs to retrieve data from Burp Suite proxy history using SQL-like queries. It is designed for security researchers and penetration testers to streamline security testing and analysis.

How to use Burp Suite MCP Server?

Install the Burp Suite extension (JAR file) and load it in Burp Suite (it starts an HTTP server on port 8889). Install Python dependencies with uv sync, then configure an MCP client (e.g., Claude Desktop) with the command python /ABSOLUTE_PATH_TO/burpsuite_mcp.py.

Key features of Burp Suite MCP Server

  • SQL-like query syntax to retrieve data from Burp Suite proxy history
  • Select specific fields (raw request/response, method, URL, host, body, status code)
  • Avoid excessive context length by returning only needed fields
  • Works with any MCP-compatible client

Use cases of Burp Suite MCP Server

  • Automate analysis of captured HTTP requests and responses during penetration testing
  • Query specific request patterns (e.g., all POST requests to a target host)
  • Integrate LLM-based security analysis with Burp Suite proxy logs
  • Selectively extract response bodies or headers for further inspection

FAQ from Burp Suite MCP Server

How does this server differ from the official Burp Suite MCP server?

It allows you to specify which fields to return from HTTP History, reducing context length. However, it has fewer features and no user interface.

What are the runtime requirements?

Java 17 or higher and Python 3.11 or higher are required. The Burp Suite extension runs on port 8889.

Where does the data come from?

Data is retrieved in real time from the Burp Suite proxy history using SQL-like queries. No external storage is used.

What transport and authentication does it use?

The server communicates via HTTP on localhost port 8889. No authentication is mentioned.

What are the known limitations?

Compared to the official server, it has fewer features and no graphical UI.

评论

其他 分类下的更多 MCP 服务器