Unlock enhanced API scanning with Burp Suite Enterprise Edition  –  Learn more

Professional 1.6.04

13 August 2014 at 16:43 UTC

SHA256: {SHA FROM OPTION GOES HERE} MD5: {MD5 FROM OPTION GOES HERE}

This release fixes a number of minor bugs in the JavaScript code analysis engine. These bugs resulted in false negatives or performance problems in the detection of certain DOM-based vulnerabilities.

Additionally, the following other changes have been made:

  • A bug affecting the restoration of saved Intruder attacks has been fixed.
  • A bug that prevented the button to help install Jython or JRuby from showing for some relevant BApps, has been fixed.
  • A bug that occasionally causes the Scanner UI to hang when modifying issue severity or confidence has been addressed (again). Further feedback on this problem is welcomed.
  • Some new match/replace rules have been added to the default Proxy options, allowing removal of HSTS response headers, and disabling of browser XSS protection.