Burp Bounty Pro

Custom Vulnerability Profiles. Smart Scan Rules. Multi-Step Detection.

Sale price: €14,95

What is Burp Bounty Pro?

Burp Bounty Pro is a Burp Suite extension that lets you create custom scan profiles for detecting vulnerabilities in web applications — without writing code. Define your own payloads, match conditions, and detection rules, or use the 254 built-in profiles and 27 Smart Scan rules to start finding real vulnerabilities immediately.

What's New in v3.0

  • Multi-Step Scanning — Chain multiple scanning steps with cookie reuse for complex authenticated workflows and multi-stage attack scenarios.
  • Smart Scan (IF-THEN Rules) — Detect WordPress? Auto-launch WordPress exploit profiles. Spot SQLi-prone parameters? Trigger targeted injection testing. 27 pre-configured rules included.
  • Time-Based Detection Engine — Detect timing-based vulnerabilities like sleep-based SQL injection and blind command injection with configurable thresholds.
  • Global Variables — Use dynamic variables like {CURRENT_HOST}, {BC}, {REDIRECT_DOMAIN} in payloads and match patterns across all profiles.
  • 30+ Insertion Point Types — URL params, body params, cookies, JSON keys/values, XML, HTTP headers, URL path components, and more.
  • Per-Scan Performance Control — Independent thread pools, configurable request rate, true pause/resume without losing state.

See the Documentation for the full reference, or try it free.

Why Pentesters Choose Burp Bounty Pro

Custom Vulnerability Profiles

254 ready-to-use profiles covering CVEs, XSS, SQLi, SSRF, SSTI, RCE, path traversal, technology detection, and sensitive data exposure. Build your own with custom payloads and match conditions — no code required.

Smart Scan Automation

Create IF-THEN rules that chain passive detection with active attacks automatically. Detect a technology? Launch targeted exploit profiles. Spot suspicious parameters? Trigger injection testing. 27 pre-configured rules included.


Multi-Step Scanning

Chain multiple scanning steps with cookie reuse and sequential execution. Test complex authenticated workflows and multi-stage attack scenarios that single-request scanners can't reach.


Granular Scan Control

Per-scan thread pools, configurable request rate limiting, true pause/resume without losing state, and tag-based profile organization. Run different scans with different settings simultaneously.

What You Get on Day One

  1. 254 Profiles, Zero Setup
    Install the extension, load the default profiles, and start scanning in under 5 minutes. Covers CVEs, common vulnerabilities, technology detection, and sensitive data exposure.
  2. 30+ Insertion Points
    URL parameters, body params, cookies, JSON keys/values, XML elements, HTTP headers, URL path components, multipart forms. Define exactly where payloads are injected — far beyond Burp Suite's defaults.
  3. Tag-Based Workflow
    Organize profiles by technology, vulnerability type, or custom categories. Right-click any request and launch only the scans you need — WordPress checks, SQLi payloads, or your custom attack set.
  4. Import/Export Profiles
    Share .bb profile files across your team. Compatible with GBounty and Burp Bounty Go — one profile format, every tool.

FAQs

They’re Burp Suite Pro extensions, so you’ll need Burp Suite Pro to use them.

Each license is user-based. With one license you have three device activations.

Burp Bounty Pro ships with ready-to-use profiles, but you can easily customize them for unique scenarios.

All scanners can produce false positives, but our optimized profiles help keep them to a minimum.

Visit our Documentation page for guides, best practices, and troubleshooting tips, or check our YouTube channel and our X channel.

Verify your license key and ensure you’re running the latest version of Burp Suite Pro.

Java 14 or above. Burp Bounty Pro runs on Burp Suite Professional on Linux, macOS, and Windows.

Version 3.0 introduces multi-step scanning with cookie reuse, a global variables system for dynamic payloads, a time-based detection engine for blind vulnerabilities, Smart Scan IF-THEN rules, per-scan configurable thread pools, and tag-based passive scan launching.

Yes. Export profiles as .bb JSON files and import them on any installation. The same .bb format works in Burp Bounty Pro, Burp Bounty Go, and GBounty.

No — it extends it. Burp Bounty Pro adds 254 custom vulnerability profiles, Smart Scan rules, multi-step scanning, and 30+ insertion point types on top of Burp Suite's native scanning capabilities. Both work together.

Burp Bounty Go

10K+ Req/Sec · Golang Engine · Distributed Scanning

Need raw speed? Burp Bounty Go offloads scanning to a high-performance Golang engine processing 10,000+ requests per second. Run multiple scanning servers on localhost or remote VPS and manage everything from Burp Suite.

Built-in Blind Host for OOB detection · Multi-step profiles · Tag-based scan launching · Same .bb profile format as Burp Bounty Pro · Linux, macOS, and Windows.