Burp Suite Professional is the web security tester's toolkit of choice. Use it to automate repetitive testing tasks - then dig deeper with its expert-designed manual and semi-automated security testing tools.
Burp Suite Professional can help you to test for OWASP Top 10 vulnerabilities - as well as the very latest hacking techniques.
1. Install Java. Personally I am using JDK 17 on my Burp testing VM.
Burp employees have recommended this site: https://jdk.java.net/archive/
But, I'd suggest the official Oracle one which you can download without login here:
https://files02.tchspt.com/temp/jdk-17.0.5_windows-x64_bin.exe
or here: https://mir.cr/6ZAKUBL0 (multiple mirrored links for easy download)
Latest Java is fine too, but you'll see a warning.
2. Choose a good location for your Burp install - I use c:\burpsuite\
put the BurpLoaderKeygen.jar file there (actually just put all files there)
3. Doubleclick BurpLoaderKeygen.jar to run it
4. BurpLoaderKeygen.jar checks the latest available JAR download and tells you
click on the link to open and download the latest jar to same directory
it will be something like burpsuite_pro_v2022.12.jar
make sure it's copied to the same directory such as c:\burpsuite\
5. Now in BurpLoaderKeygen.jar, set your License Text to whatever you like - unlike
some other releases you can change this value here.
Then click the RUN button to launch Burpsuite
6. In Burpsuite paste in the license from BurpLoaderKeygen.jar - click the field in
BurpLoaderKeygen.jar then CTRL-A, CTRL-C to select all and copy to clipboard,
then paste in Burp.
7. Click MANUAL ACTIVATION to continue offline, copy the activation request
to clipboard from Burp, and paste it into BurpLoaderKeygen.jar - it will
immediately create a activation response
8. Copy and paste the activation response from BurpLoaderKeygen.jar to Burp
it'll finish saying activation was successful
9. Close it all. Now run BurpLoaderKeygen.jar and click on "auto run" checkbox -
this should make it so that when you run this in the future if there is no
update it will just run Burpsuite. You can close it, then doubleclick again
to verify it works. You should NOT see the keygen window, Burp just runs.
10. To make a nice shortcut to this - I suggest in windows to make a LNK shortcut
that you set to your javaw ( <- WITH A W), and set the icon for it (use one I enclose)
so my lnk file in windows on my desktop in the "target" field says this:
"C:\Program Files\Java\jdk-17.0.5\bin\javaw.exe" -jar BurpLoaderKeygen.jar
(I use double quotes around the java path because of the space in "program files",
and it's all one line) BurpLoaderKeygen.jar should automatically run Burpsuite with
the correct options and since you used javaw there will be no window left open. No
need to .vbs or other tricks I've seen people using. Use my method it's better and
simpler. How to make lnk? Right click and drag the BurpLoaderKeygen.jar to your
desktop and release, chosing "create shortcut" (that's a lnk). Then rightclick the
shortcut and set the target more like what I have above, so it's running javaw.exe
but with BurpLoaderKeygen.jar as a parameter. You can set custom icon like burp.ico.
Burp Suite Professional can help you to test for OWASP Top 10 vulnerabilities - as well as the very latest hacking techniques.
1. Install Java. Personally I am using JDK 17 on my Burp testing VM.
Burp employees have recommended this site: https://jdk.java.net/archive/
But, I'd suggest the official Oracle one which you can download without login here:
https://files02.tchspt.com/temp/jdk-17.0.5_windows-x64_bin.exe
or here: https://mir.cr/6ZAKUBL0 (multiple mirrored links for easy download)
Latest Java is fine too, but you'll see a warning.
2. Choose a good location for your Burp install - I use c:\burpsuite\
put the BurpLoaderKeygen.jar file there (actually just put all files there)
3. Doubleclick BurpLoaderKeygen.jar to run it
4. BurpLoaderKeygen.jar checks the latest available JAR download and tells you
click on the link to open and download the latest jar to same directory
it will be something like burpsuite_pro_v2022.12.jar
make sure it's copied to the same directory such as c:\burpsuite\
5. Now in BurpLoaderKeygen.jar, set your License Text to whatever you like - unlike
some other releases you can change this value here.
Then click the RUN button to launch Burpsuite
6. In Burpsuite paste in the license from BurpLoaderKeygen.jar - click the field in
BurpLoaderKeygen.jar then CTRL-A, CTRL-C to select all and copy to clipboard,
then paste in Burp.
7. Click MANUAL ACTIVATION to continue offline, copy the activation request
to clipboard from Burp, and paste it into BurpLoaderKeygen.jar - it will
immediately create a activation response
8. Copy and paste the activation response from BurpLoaderKeygen.jar to Burp
it'll finish saying activation was successful
9. Close it all. Now run BurpLoaderKeygen.jar and click on "auto run" checkbox -
this should make it so that when you run this in the future if there is no
update it will just run Burpsuite. You can close it, then doubleclick again
to verify it works. You should NOT see the keygen window, Burp just runs.
10. To make a nice shortcut to this - I suggest in windows to make a LNK shortcut
that you set to your javaw ( <- WITH A W), and set the icon for it (use one I enclose)
so my lnk file in windows on my desktop in the "target" field says this:
"C:\Program Files\Java\jdk-17.0.5\bin\javaw.exe" -jar BurpLoaderKeygen.jar
(I use double quotes around the java path because of the space in "program files",
and it's all one line) BurpLoaderKeygen.jar should automatically run Burpsuite with
the correct options and since you used javaw there will be no window left open. No
need to .vbs or other tricks I've seen people using. Use my method it's better and
simpler. How to make lnk? Right click and drag the BurpLoaderKeygen.jar to your
desktop and release, chosing "create shortcut" (that's a lnk). Then rightclick the
shortcut and set the target more like what I have above, so it's running javaw.exe
but with BurpLoaderKeygen.jar as a parameter. You can set custom icon like burp.ico.
This resource has been reported as working in 0 time(s), and as not-working 0 time(s) this month.
(0 time(s) working and 0 time(s) not-working in total)
(0 time(s) working and 0 time(s) not-working in total)
