BurpSuite
BurpSuite MCP Server: A powerful Model Context Protocol (MCP) server implementation for BurpSuite, providing programmatic access to Burp's core functionalities.
claude mcp add --transport stdio x3r0k-burpsuite-mcp-server python main.py \ --env BURP_API_KEY="Your BurpSuite API key" \ --env BURP_API_HOST="localhost" \ --env BURP_API_PORT="1337" \ --env BURP_PROXY_HOST="127.0.0.1" \ --env BURP_PROXY_PORT="8080" \ --env MCP_SERVER_HOST="0.0.0.0" \ --env MCP_SERVER_PORT="8000"
How to use
This BurpSuite MCP Server exposes a FastAPI-backed API that lets you programmatically interact with BurpSuite, providing proxy capabilities, a scanner, and vulnerability analysis tooling via MCP endpoints. You can intercept and manipulate HTTP/HTTPS traffic through the proxy endpoints, kick off active or passive scans against target URLs, and query detailed logs and vulnerability analyses from the built-in logger and analyzer tools. Typical workflows include starting a proxy session to inspect traffic, launching a targeted scan for a given URL, and then querying for vulnerabilities or log details to identify issues across requests and responses. The server documents its API via Swagger and Redoc, available at http://localhost:8000/docs and http://localhost:8000/redoc, respectively, which allows you to explore endpoints like /proxy/intercept, /proxy/history, /scanner/start, /logger/logs, and /logger/vulnerabilities.
How to install
Prerequisites:
- Python 3.8+ (as indicated by the project badges)
- Git
- Internet access to install dependencies
Step-by-step installation:
# 1) Clone the repository
git clone https://github.com/X3r0K/BurpSuite-MCP-Server.git
cd BurpSuite-MCP-Server
# 2) Create and activate a virtual environment (recommended)
python3 -m venv venv
source venv/bin/activate # On Windows use: venv\Scripts\activate
# 3) Install dependencies
pip install -r requirements.txt
Configure environment variables (example):
# Copy example config to actual env file if provided by the project
# Alternatively, set in your environment or in MCP config env section
export BURP_API_KEY=Your_API_KEY
export BURP_API_HOST=localhost
export BURP_API_PORT=1337
export BURP_PROXY_HOST=127.0.0.1
export BURP_PROXY_PORT=8080
export MCP_SERVER_HOST=0.0.0.0
export MCP_SERVER_PORT=8000
# 4) Start the server
python main.py
The server will start and be accessible at http://localhost:8000. You can adjust the environment variables to fit your BurpSuite deployment and network setup.
Additional notes
Tips and caveats:
- Ensure BurpSuite API access is correctly configured and that the Burp proxy settings in .env or MCP config match your Burp installation.
- Use a secure environment and authentication for the MCP endpoints in production.
- If the server fails to start, check that Python dependencies are installed, and confirm that the specified ports are not in use by other services.
- The MCP endpoints mirror BurpSuite capabilities: proxy interception (/proxy/intercept, /proxy/history), scanning (/scanner/start, /scanner/status/{id}, /scanner/stop/{id}), and detailed logging/vulnerability analytics (/logger/*, /logger/vulnerabilities).
- The included API docs at /docs and /redoc are your friends for discovering available endpoints and payload structures.
Related MCP Servers
mcp-vegalite
MCP server from isaacwasserman/mcp-vegalite-server
github-chat
A Model Context Protocol (MCP) for analyzing and querying GitHub repositories using the GitHub Chat API.
nautex
MCP server for guiding Coding Agents via end-to-end requirements to implementation plan pipeline
pagerduty
PagerDuty's official local MCP (Model Context Protocol) server which provides tools to interact with your PagerDuty account directly from your MCP-enabled client.
futu-stock
mcp server for futuniuniu stock
mcp -boilerplate
Boilerplate using one of the 'better' ways to build MCP Servers. Written using FastMCP
