Unlock enhanced API scanning with Burp Suite Enterprise Edition  –  Learn more

Professional / Community 1.7.18

28 February 2017 at 13:47 UTC

SHA256: {SHA FROM OPTION GOES HERE} MD5: {MD5 FROM OPTION GOES HERE}

This release adds a new option to prevent project data being accumulated for out-of-scope items that pass through Burp Proxy.

It is common for users to configure their system-wide proxy settings to send all traffic through Burp, with the result that a large quantity of irrelevant requests and responses go through Burp Proxy, generated by OS components, other software, or unrelated browsing by the user. With the new feature, you can prevent out-of-scope items being added to the Proxy history or Target site map, or being automatically sent to other Burp tools (such as for live scanning).

The new option can be turned on at Proxy / Options / Miscellaneous:

When you first add an item to scope, Burp will ask if you want to enable this option, to prevent the Proxy from sending out-of-scope items to the history or other Burp tools:

If you check "always take the same action in future", then Burp will remember your choice and apply it automatically on future executions of Burp, when you first add an item to scope. You can control the use of this setting, and whether the dialog is shown, at User options / Misc / Proxy history logging:

A large number of minor bugfixes and other enhancements have also been made.