The Pentester’s Co-Pilot: Revolutionizing Security Audits with Burp AI Agent

Burp AI Agent

Burp AI Agent is an extension for Burp Suite that integrates AI capabilities into your security workflow. It offers:

  • Pluggable Backends: Use local models (Ollama, LM Studio), generic OpenAI-compatible providers, or cloud providers (Gemini, Claude, OpenAI/Codex, OpenCode). Add custom backends via drop-in JARs.
  • Privacy-First Design: Configurable redaction modes (Strict/Balanced/Off) to scrub sensitive data before it leaves Burp.
  • MCP Server: An embedded Model Context Protocol (MCP) server with 53+ tools for Burp history, Repeater, Scanner, scope, and issue workflows.
  • AI Scanners: Passive and Active scanners that analyze traffic automatically across 62 vulnerability classes.
  • Curated BountyPrompt Actions: Optional, tag-aware context menu actions loaded from JSON prompt files.
  • Audit Logging: JSONL-based logging with SHA-256 integrity hashing for compliance and reproducibility.

Key Features

7 Built-in Backends

Ollama, LM Studio, Generic OpenAI-compatible, Gemini CLI, Claude CLI, Codex CLI, OpenCode CLI.

53+ MCP Tools

History, Repeater, Intruder, Scanner, Scope, Site Map, Collaborator, Utilities, and more.

62 Vulnerability Classes

From SQLi and XSS to cache poisoning, JWT attacks, and API security issues.

3 Scan Modes

BUG_BOUNTY, PENTEST, and FULL for different engagement styles.

3 Privacy Modes

STRICT (zero trust), BALANCED (pragmatic), and OFF (raw data).

9 Prompt Templates

Editable templates for request and issue context menu actions.

8 Curated BountyPrompt Actions

Detection, recon, and advisory prompts with selective context tags.

Token-Aware Controls

Passive scanner and manual context caps, dedup windows, and prompt-result caching to reduce model spend.

Burp Pro Integration

Native ScanCheck, Collaborator OAST, and scanner issue actions.

Use Cases

  • AI-Assisted Analysis: Analyze requests, explain JS, draft PoCs, and generate issue narratives directly from Burp context.
  • Local Privacy: Run local models for low-leakage workflows and keep strict redaction controls when using cloud providers.
  • MCP Workflows: Connect external MCP clients to Burp and run supervised tool-driven workflows.
  • Automated Scanning: Keep passive and active AI scanners running while you focus on manual testing.
  • Defensible Operations: Preserve auditable, reproducible prompt bundles with deterministic redaction options.

Operational Guarantees

  • Your settings persist across restarts and are migrated safely between versions.
  • Passive and active scanners enforce queue/size limits to avoid runaway resource usage.
  • Privacy policies are applied before prompt data leaves Burp.
  • MCP tools are safety-gated with safe/unsafe controls and per-tool toggles.
  • Session history and context size controls help limit token/cost growth.
  • Audit logging provides tamper-evident JSONL records for reproducibility workflows.
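The audit-logging items above describe JSONL records with SHA-256 integrity hashing. As an added example (not the extension's own code or log format), this Python verifier shows one common way such a log is made tamper-evident, a hash chain, and how each kind of tampering surfaces; the record fields `seq`, `prev`, `event`, `hash` and the sample events are assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed seed value for the first record's "prev" field


def canonical(record: dict) -> bytes:
    # Stable serialization so the same record always yields the same digest.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")


def append_record(lines: list, event: dict) -> None:
    """Append an event as one JSONL line, bound to the previous line's hash."""
    prev = json.loads(lines[-1])["hash"] if lines else GENESIS
    body = {"seq": len(lines), "prev": prev, "event": event}
    body["hash"] = hashlib.sha256(canonical(body)).hexdigest()
    lines.append(json.dumps(body, sort_keys=True))


def verify(lines: list) -> list:
    """Return (line_index, reason) for every integrity failure found."""
    failures, prev = [], GENESIS
    for n, line in enumerate(lines):
        try:
            rec = json.loads(line)
            claimed = rec.pop("hash")
        except (ValueError, KeyError, TypeError, AttributeError):
            failures.append((n, "unparseable or missing hash"))
            prev = None  # cannot check the next link against a broken record
            continue
        if hashlib.sha256(canonical(rec)).hexdigest() != claimed:
            failures.append((n, "record hash mismatch"))  # edited in place
        if rec.get("seq") != n:
            failures.append((n, "sequence gap"))  # line removed or reordered
        if prev is not None and rec.get("prev") != prev:
            failures.append((n, "chain break"))  # predecessor was replaced
        prev = claimed
    return failures


def build_sample() -> list:
    # Constructed sample events; field names and values are illustrative only.
    log = []
    append_record(log, {"action": "prompt_sent", "backend": "ollama", "privacy": "STRICT"})
    append_record(log, {"action": "response_received", "backend": "ollama"})
    append_record(log, {"action": "issue_created", "scan_mode": "PENTEST"})
    return log
```

A chain only proves internal consistency: anyone who can rewrite the whole file can recompute every hash, so keep a copy of the latest hash somewhere the log writer cannot modify.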

Install & Use