Burp Suite
Connect AI clients to Burp Suite for web-application security testing.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for Burp Suite, derived from its capabilities.
AIVSS 8.9 · High
View MAESTRO 7-layer threat model →Overview
PortSwigger's MCP server extension lets AI clients connect to Burp Suite, driving its web-security testing engine (proxy, scanner, repeater) from an agent. Because it can send arbitrary requests and run active scans, it is an offensive-security tool that demands careful scope control.
Key features
- Drive Burp scanner/repeater
- Proxy and request tooling
- AI-client integration
Use cases
- Automate web pentesting
- Analyze Burp findings with an LLM