InfoSecBulletin Cybersecurity for mankind
PortSwigger has launched Burp Suite 2025.1, adding new features and improvements to enhance usability and efficiency for penetration testers. This update features major improvements to the Burp Intruder module, HTTP response analysis, and interaction management, as well as a browser upgrade and bug fixes.
Auto-Pause Intruder Attacks:
By 2025, India’s First Semiconductor Chip to be ready
CVE-2025-20111
Cisco Warns Vulns in Nexus 3000 and 9000 Series Switches
CVE-2025-0475 & CVE-2025-0555
GitLab’s High-Risk Flaw, Patch Now Urgently!
Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts
HaveIBeenPwned Added 244 Million Passwords Stolen By Infostealers
Hackers Exploits RCE flaw in Cisco Small Business Router
CISA Alerts For Active Exploited Zimbra and Microsoft flaw
200 Fake GitHub Repos Attacking Developers to Deliver Malware
Renew Dubai visa within minutes with AI-powered Salama
CVE-2024-20953
CISA Flags Oracle Agile PLM Actively Exploited Security Flaw
A key feature of this release is the new Auto-Pause Attack in Burp Intruder. It enables users to automatically pause attacks when certain conditions in HTTP responses are met.
Users can set the tool to pause an attack when a certain expression is detected or absent in the response. This feature improves memory efficiency during large attacks and allows testers to concentrate on relevant results automatically.
Content-Length Mismatch Highlighting:
Burp Suite now automatically highlights differences in the Content-Length response header to improve vulnerability detection.
If the length stated in the header doesn’t match the actual response size, it will be flagged. This improvement helps detect problems such as HTTP request smuggling and other server response issues.
CSV Export for Collaborator Interactions:
Burp Collaborator now allows users to export interaction data as CSV files, simplifying the process for security professionals to include detailed logs in reports or presentations.
Users can now mark interactions as “read,” making it easier to distinguish between reviewed and new activities.
Bug Fixes:
Several bugs have been resolved in this release to improve stability and user experience:
Fixed an issue where the Home and End keys caused incorrect cursor positioning in the message editor.
Resolved a problem with Burp Logger’s view filter not reapplying correctly after reaching capture limits.
Addressed a bug that prevented newly saved configurations from appearing in the configuration library without restarting Burp.
Corrected payload encoding issues when creating new Intruder tabs with encoding disabled.
Fixed non-functional hotkeys for adding notes in Burp Organizer and Repeater.
Resolved copy-paste issues on Linux and Windows for BCheck preview screens.
Fixed problems with extension-provided tabs disappearing when loading multiple extensions, especially those with WebSocket message editor implementations.
Burp Suite’s integrated browser is now updated to Chromium version 132.0.6834.84 for Windows and macOS, and 132.0.6834.83 for Linux. This guarantees compatibility with modern web standards and improves performance in manual testing.
Burp Suite 2025.1 greatly improves usability, efficiency, and technical strength for penetration testers and cybersecurity experts.
The new auto-pause feature and improved response analysis will simplify workflows and enhance web application testing. Users should update to the latest version for improved security assessments.
