Burp

v1.0.0Securitystable

基于PostSwigger官方的MCP-Server插件,扩展了更多使用工具

burpmcpai-integration
Share:
15
Stars
0
Downloads
0
Weekly
0/5

What is Burp?

Burp is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to 基于postswigger官方的mcp-server插件,扩展了更多使用工具

基于PostSwigger官方的MCP-Server插件,扩展了更多使用工具

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • 基于PostSwigger官方的MCP-Server插件,扩展了更多使用工具

Use Cases

Extend Burp Suite security tools with additional capabilities.
dinosn

Maintainer

LicenseGPL-3.0
Languagekotlin
Versionv1.0.0
UpdatedFeb 12, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx burp

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Burp

The Burp Suite MCP Server is a Burp Suite extension (written in Kotlin) that exposes Burp's proxy, scanner, and configuration capabilities through the Model Context Protocol via a local SSE endpoint. It allows AI clients like Claude Desktop to interact directly with a running Burp Suite instance — querying intercept history, triggering scans, and editing Burp's configuration — all without leaving the AI interface. Security researchers and web application pentesters can use it to integrate Burp's industry-standard tooling into AI-assisted assessment workflows.

Prerequisites

  • Burp Suite (Community or Professional) installed and running
  • Java JDK installed with java and jar commands available in PATH
  • Gradle (or the ./gradlew wrapper in the repo) to build the extension JAR
  • An MCP-compatible AI client such as Claude Desktop
1

Clone the Burp MCP server repository

Clone the repository that extends the official PortSwigger MCP Server plugin with additional tools.

git clone https://github.com/dinosn/burp-mcp-server.git
cd burp-mcp-server
2

Build the extension JAR

Use the Gradle wrapper to build a fat JAR that embeds all dependencies including the MCP proxy.

./gradlew embedProxyJar
# Output: build/libs/burp-mcp-all.jar
3

Load the JAR into Burp Suite

Open Burp Suite, navigate to the Extensions tab, click Add, set the extension type to Java, and select the built JAR file (build/libs/burp-mcp-all.jar). The MCP tab will appear in Burp's UI after the extension loads.

4

Enable the MCP server in Burp's MCP tab

In the new MCP tab within Burp Suite, toggle 'Enabled' to start the local SSE server. The default endpoint is http://127.0.0.1:9876/sse. Optionally enable 'Allow tools that can edit your config' for full configuration control.

5

Configure your AI client to connect via SSE

Add Burp as an MCP server in your Claude Desktop config using the SSE URL. Claude will connect to the running Burp instance.

{
  "mcpServers": {
    "burp": {
      "url": "http://localhost:9876/sse"
    }
  }
}

Burp Examples

Client configuration

Claude Desktop config connecting to the Burp SSE endpoint. Alternatively, use the stdio proxy if your client requires it.

{
  "mcpServers": {
    "burp": {
      "url": "http://localhost:9876/sse"
    }
  }
}

Prompts to try

Example prompts for AI-driven Burp Suite interactions (use only on authorized targets).

- "Show me the last 20 requests captured in Burp's proxy history."
- "Start an active scan on https://example.com and report the findings when complete."
- "List the current Burp Suite scanner configuration settings."
- "Filter the proxy history for requests containing 'admin' in the URL."
- "What issues did Burp find in the last scan?"

Troubleshooting Burp

Extension fails to load in Burp with a class loading error

Ensure you used ./gradlew embedProxyJar (not a standard build task) to produce a fat JAR. A thin JAR will be missing the MCP proxy dependencies and will fail to load.

Claude cannot connect to the SSE endpoint

Confirm the MCP server is toggled on in Burp's MCP tab and Burp is running. Check that no firewall is blocking 127.0.0.1:9876. You can verify the endpoint is up with: curl http://127.0.0.1:9876/sse

No scan or config-editing tools appear in the AI client

In Burp's MCP tab, enable the 'Enable tools that can edit your config' option. Without this toggle, only read-only tools are exposed via the MCP interface.

Frequently Asked Questions about Burp

What is Burp?

Burp is a Model Context Protocol (MCP) server that 基于postswigger官方的mcp-server插件,扩展了更多使用工具 It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Burp?

Follow the installation instructions on the Burp GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Burp?

Burp works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Burp free to use?

Yes, Burp is open source and available under the GPL-3.0 license. You can use it freely in both personal and commercial projects.

Burp Alternatives — Similar Security Servers

Looking for alternatives to Burp? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "burp": { "command": "npx", "args": ["-y", "burp"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Burp?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides