Burp Suite

Integrates Burp Suite's web security testing platform with tools for HTTP request/response handling, vulnerability scanning, crawling, proxy history access, and configuration management to enable automated security analysis workflows and intelligent vulnerability discovery.

This Burp Suite MCP server extension integrates the popular web security testing platform with AI clients, enabling automated security analysis workflows through the Model Context Protocol. Built by Daniel S and Daniel Allen at PortSwigger using Kotlin with Ktor for the web server and the MCP Kotlin SDK, it exposes Burp's core functionality including HTTP request/response handling, vulnerability scanning, crawling, proxy history access, and configuration management through a comprehensive set of tools. The implementation features security controls with user approval dialogs for sensitive operations, automatic installation support for Claude Desktop via a bundled stdio proxy server, and real-time server-sent events communication, making it valuable for security researchers and penetration testers who want to leverage AI assistance for vulnerability discovery, security assessment automation, and intelligent analysis of web application security findings.