Recently the PortSwigger team introduced Burp MCP, which helps automate dynamic security assessment (DAST) from a single prompt. MCP is booming right now, and it is genuinely exciting.
We have automated most of the SAST side of the assessment, but the DAST side has remained largely unsolved. Now I think we are on the right track to solving that problem.
Burp Suite MCP is an integration that connects an LLM-driven client, such as Cursor, directly to Burp Suite, the industry-standard web penetration testing toolkit.
It uses the Model Context Protocol (MCP), an open standard introduced by Anthropic, to standardize how AI models interact with external tools and data sources.
Instead of manually copying HTTP requests from Burp into a chat window, this integration turns Burp Suite into an MCP "server" that exposes its tools to the AI "client". The AI can then read the proxy history, analyze requests, and send attacks straight from your prompt.
That means you just have to say "test for cross-site scripting on the /xyz endpoint", or "fetch the unique requests from the HTTP history and check which of them work without authentication". The agent will do it for you!
Burp MCP gives you proxy history inspection, code-to-Repeater integration, Scanner automation, Burp configuration management, direct request execution, and Burp Collaborator support. Almost everything we do manually in Burp Suite can now be driven by a prompt. Go ahead!
Let's see how to set it up. I will be using the Cursor AI agent in this article, because it feels very friendly to me!
I am using Burp Suite Professional and the paid version of Cursor, but you do not need Professional: the MCP Server extension also works with the free Burp Suite Community Edition. Keep in mind that Burp Scanner is a Professional-only feature, so the Scanner-related tools will not do anything from Community.
Open Burp, go to the Extensions tab, and install the MCP Server extension from the BApp Store. Once it is installed, an "MCP" tab appears at the top.
Navigate to that tab and enable the server under Server Configuration. Make sure the status shows the server is running; by default it listens on 127.0.0.1, port 9876. Leave it bound to 127.0.0.1: anything that can reach that port can drive your Burp instance, so do not expose it beyond the local machine.
There is also an option called "Enable tools that can edit your config". Enabling it allows the AI agent to change Burp's settings programmatically, for example proxy listeners or scope. If you only want the AI to read data and send requests, leave it unchecked. That is the safer default: a mis-worded prompt, or instructions injected through a response body the agent reads, then cannot widen your scope or reconfigure the proxy.
Connect to AI Agent (Cursor) :
To connect Cursor to the Burp MCP server, add it to Cursor's MCP configuration. Open Cursor's settings, look for the MCP section, and edit the configuration file directly. Cursor reads MCP servers from an mcp.json file: ~/.cursor/mcp.json applies to all projects, while .cursor/mcp.json inside a project applies only there.
Add the following configuration:
    {
      "mcpServers": {
        "burp": {
          "url": "http://127.0.0.1:9876/sse"
        }
      }
    }

Save the file and restart Cursor. Once it has restarted, you can start using natural language to interact with Burp Suite through Cursor!
After a successful setup, the Burp MCP server shows as connected in Cursor's settings under the "Tools & MCP" section, as in the image below. If it does not, toggle the server off and on again, or simply restart Cursor.
Once the setup is complete, confirm it with a simple task: ask the agent to fetch the last 5 HTTP requests from Burp Suite's HTTP history, or to add "anything.com" to scope (the scope test only works if you enabled the config-editing tools above). If that works, we are good to go!
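What Cursor actually does behind that mcp.json entry and the "fetch the last 5 requests" check is a short JSON-RPC conversation: initialize, an initialized notification, tools/list, then tools/call. The following is an added example, not PortSwigger's or Cursor's code, that runs that exchange against a constructed in-process stand-in for Burp's MCP server so it works offline. The tool names (get_proxy_http_history, set_project_options), the tool schemas and the proxy-history lines are assumptions made up for the example; the real names come back from tools/list on your Burp version. The client also enforces a read-only tool allowlist on its side, which goes a little beyond the article's Burp-side "edit your config" switch.

```python
"""Added illustration (not PortSwigger's or Cursor's code): the JSON-RPC
exchange an MCP client runs against Burp's MCP server, with a constructed
in-process stand-in for Burp so it runs offline."""
import itertools

# Client-side allowlist of tools that only READ Burp state. The tool name is
# an ASSUMPTION for illustration; compare it with what tools/list really
# returns from your Burp version before relying on it.
READ_ONLY_TOOLS = {"get_proxy_http_history"}


class McpClient:
    """JSON-RPC 2.0 over a pluggable transport: a callable that takes one
    message dict and returns the reply dict (None for notifications). With
    the real SSE transport the POST URL comes from the first `endpoint`
    event received on GET /sse; that plumbing is out of scope here."""

    def __init__(self, transport, allowed_tools=READ_ONLY_TOOLS):
        self.transport = transport
        self.allowed = set(allowed_tools)
        self._ids = itertools.count(1)

    def _request(self, method, params=None):
        msg = {"jsonrpc": "2.0", "id": next(self._ids), "method": method,
               "params": params or {}}
        reply = self.transport(msg)
        if reply.get("id") != msg["id"]:
            raise RuntimeError(f"{method}: reply id mismatch")
        if "error" in reply:
            raise RuntimeError(f"{method}: {reply['error']}")
        return reply["result"]

    def handshake(self):
        info = self._request("initialize", {
            "protocolVersion": "2024-11-05", "capabilities": {},
            "clientInfo": {"name": "burp-mcp-check", "version": "0.1"}})
        # Initialization completes with a notification (no id, no reply).
        self.transport({"jsonrpc": "2.0", "method": "notifications/initialized"})
        return info["serverInfo"]

    def list_tools(self):
        return [t["name"] for t in self._request("tools/list")["tools"]]

    def call_tool(self, name, arguments):
        if name not in self.allowed:
            raise PermissionError(f"{name!r} is not on the read-only allowlist")
        res = self._request("tools/call", {"name": name, "arguments": arguments})
        if res.get("isError"):
            raise RuntimeError(res["content"])
        return [c["text"] for c in res["content"] if c.get("type") == "text"]


class FakeBurpMcpServer:
    """Constructed stand-in for Burp's MCP server. Tool names, schemas and
    the proxy-history lines below are made up for this example."""

    HISTORY = ["GET /api/users HTTP/1.1", "POST /api/login HTTP/1.1",
               "GET /api/users/7 HTTP/1.1", "DELETE /api/users/7 HTTP/1.1",
               "GET /api/orders?page=2 HTTP/1.1", "GET /static/app.js HTTP/1.1"]

    def __init__(self):
        self.initialized = False
        self.log = []  # every client message, in order, for inspection

    def __call__(self, msg):
        self.log.append(msg)
        if "id" not in msg:  # notification: never answered
            self.initialized |= msg["method"] == "notifications/initialized"
            return None
        rid, method, params = msg["id"], msg["method"], msg.get("params", {})
        if method == "initialize":
            result = {"protocolVersion": "2024-11-05", "capabilities": {"tools": {}},
                      "serverInfo": {"name": "fake-burp-mcp", "version": "0.0"}}
        elif not self.initialized:  # MCP servers reject requests before the notification
            return {"jsonrpc": "2.0", "id": rid,
                    "error": {"code": -32002, "message": "server not initialized"}}
        elif method == "tools/list":
            result = {"tools": [
                {"name": "get_proxy_http_history", "description": "Read proxy history",
                 "inputSchema": {"type": "object",
                                 "properties": {"count": {"type": "integer"}}}},
                {"name": "set_project_options", "description": "Edit project config",
                 "inputSchema": {"type": "object"}}]}
        elif method == "tools/call" and params.get("name") == "get_proxy_http_history":
            n = int(params.get("arguments", {}).get("count", 5))
            result = {"content": [{"type": "text", "text": r} for r in self.HISTORY[-n:]],
                      "isError": False}
        else:
            return {"jsonrpc": "2.0", "id": rid,
                    "error": {"code": -32601, "message": f"unknown: {method}"}}
        return {"jsonrpc": "2.0", "id": rid, "result": result}


def fetch_last_requests(transport, count=5):
    """The setup check from the article: handshake, confirm the history tool
    is exposed, then pull the last `count` proxy-history entries."""
    client = McpClient(transport)
    client.handshake()
    if "get_proxy_http_history" not in client.list_tools():
        raise RuntimeError("history tool not exposed; is the MCP server enabled in Burp?")
    return client.call_tool("get_proxy_http_history", {"count": count})


if __name__ == "__main__":
    burp = FakeBurpMcpServer()
    print("\n".join(fetch_last_requests(burp)))
    print([m["method"] for m in burp.log])
```

Running it prints the five most recent constructed history lines followed by the method sequence the server saw. Swapping the fake for a real transport against http://127.0.0.1:9876/sse reproduces the same four-message flow; the allowlist is what keeps an over-eager prompt from reaching a config-editing tool even if that switch is enabled in Burp.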
Here the tool and the AI act on your instructions, so you are still the controller: you need to write exact and clear prompts. For example:
"Act as a senior application security engineer and list all the unique endpoints in the targeted scope, then perform a security assessment based on the OWASP Top 10 API Security Risks. Do not perform intrusive actions or any deletion. Approach it by understanding what exactly each API does and how an arbitrary user could abuse it. When you identify a vulnerability, review it for false positives and send it to Repeater so I can analyze it further."
That is one way. Another is to ask the AI to study a few existing reports, for example publicly disclosed bug bounty reports, HackerOne Hacktivity, and similar sources, draw conclusions from them, and test your target for the same classes of bugs. You are essentially asking the AI to digest a large number of reports and try similar bugs on your target where relevant.
For example, you can use the repository below.
Similarly, you are free to try any creative approach. Do let me know if you have other ideas; I would love to hear them and learn.
This is just one way I am experimenting with Burp MCP right now. There are definitely limitations and false positives, and there are cases where manual testing still makes much more sense.
But the fact that we can describe what we want to test instead of manually driving every Burp feature is really interesting. I feel this can save a lot of time, especially during large DAST engagements.
I am still exploring different prompts, workflows, and attack patterns with MCP. If you are already using it or planning to try it, I would love to hear how you are approaching it and what ideas you have.
I hope this was informative. If you have any doubts or suggestions, reach out to me on Twitter; I will be happy to help or learn from you.
Happy Hacking!
Twitter handle :- https://x.com/Xch_eater