Burp Suite Enterprise Edition is now available in our secure Cloud  –  Learn more

Professional 1.7.37

10 August 2018 at 00:20 UTC

SHA256: {SHA FROM OPTION GOES HERE} MD5: {MD5 FROM OPTION GOES HERE}

This release adds some powerful new Scanner checks based on James Kettle's talk at Black Hat today.

For full details of this awesome new research, see our blog post on practical web cache poisoning.

Burp Scanner is now able to detect two new vulnerabilities, "Web cache poisoning" and "Request URL override":

Note: On 10 October 2018, the .DMG package was regenerated to be compatible with MacOS Mojave.