Unlock enhanced API scanning with Burp Suite Enterprise Edition  –  Learn more

New Burp Suite API: we want your feedback!

Sean Burns | 08 December 2022 at 10:45 UTC

New Burp Suite API - we want your feedback

If you follow the Burp Suite roadmap, then you'll know that we're working on a complete rewrite of the "Wiener" API used in Burp Suite Professional and Burp Suite Community Edition. The new API is codenamed "Montoya", and will eventually expose much more of Burp Suite's core functionality - providing richer capabilities for writers of Burp extensions.

As one of the devs working on this project, I'm pleased to announce that things are going well. The feature-parity Montoya API has been available since Burp Suite 2022.9.5, and we're going to be adding more functionality very soon (like in 2022.11, which added API support for WebSocket listeners).

Have your say

I'm also here to ask a favor - because we want your feedback. If you currently use Burp Suite's Wiener API to write extensions, or if you've always fancied writing a Burp Suite extension in Java, then we'd love for you to put the new Montoya API through its paces. More specifically, if you want to report a bug, or have any suggestions for the new API, then we're very open to both of those things.

These are exciting times to be an author of Burp Suite extensions - because we're going to be continuously improving and adding to the new API. In the near future, you can expect to see new functionality exposed around project files (enabling you to persist data), scan configurations, and table customization (adding custom columns in just about any Burp Suite table you can think of). This will all add up to give you access to even more of Burp Suite's power in your extensions - and we're already planning what to add after that.

Let us know what you think over on the Montoya API GitHub site. And of course, if you want any inspiration, then check out the BApp Store, for a huge range of open source Burp Suite extensions written using the old API. Until next time, happy coding!