Skip to main content
The Burp Suite integration lets you push selected issues from Burp Suite directly into your Pentest-Tools.com findings. No more copy-paste, just structured results ready for triage and reporting.
Available on NetSec, WebNetSec, and Pentest Suite plans.

Benefits

One-click export

Push findings from Burp to Pentest-Tools.com instantly.

Unified reporting

Include Burp findings in your pentest reports.

Tracking

Track remediation across all vulnerability sources.

Collaboration

Share imported findings with your team.

How it works

The integration uses a Burp Suite extension that connects directly to your Pentest-Tools.com account:
  1. Install the Burp Suite extension
  2. Configure the extension with your API key
  3. Select issues in Burp Suite
  4. Push them to a workspace in Pentest-Tools.com
  5. View and manage findings alongside your other scans

Setting up the integration

1

Generate an API key

Go to Settings > Integrations > Burp, click the options menu, and select Generate API key.
2

Download the plugin

Click Download plugin to get the Burp Suite extension JAR file.
3

Install in Burp Suite

In Burp Suite, go to Extender > Extensions > Add and select the downloaded JAR file.
4

Configure the extension

In the extension settings, enter your API key.
5

Start pushing findings

Select issues in Burp Suite and use the extension to send them to Pentest-Tools.com.

Using the extension

Once installed and configured:
  1. Run your scans in Burp Suite as usual
  2. Select one or more issues you want to export
  3. Use the extension to push them to Pentest-Tools.com
  4. Choose the target workspace
  5. Findings appear in your Findings list
The import is rate-limited to 50 findings per hour. If you hit the limit, wait before pushing more.

Managing imported findings

Once imported, Burp Suite findings appear in your Findings list with a Burp Suite source indicator. You can:
  • View finding details
  • Change finding status
  • Add to pentest reports
  • Share with team members
  • Track remediation progress
  • Send to Jira or Nucleus

Best practices

Review findings in Burp Suite before pushing to avoid duplicates and ensure quality data.
  • Push findings to the appropriate workspace for organization
  • Use consistent target naming across tools
  • Include detailed evidence in Burp for accurate reporting
Keep your API key secure. Anyone with the key can push findings to your account.

Troubleshooting

  • Verify your API key is correct
  • Check your internet connection
  • Ensure the extension is enabled in Burp Suite
  • Verify you selected the correct workspace
  • Check that the push completed successfully
  • Refresh the Findings page
  • Generate a new API key from the Integrations page
  • Update the key in the Burp Suite extension