burp-ai-agent
Custom AI Agent is a Burp Suite extension that integrates multiple AI backends (local and cloud) to assist with vulnerability analysis and security testing. It provides passive/active scanning with AI-assisted insights, MCP tool integration for external AI agents, and privacy controls for handling sensitive data during analysis.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | six2dez/burp-ai-agent |
| Owner | six2dez |
| Primary language | Kotlin |
| License | MIT — OSI-approved |
| Stars | 1.3k |
| Forks | 203 |
| Open issues | 9 |
| Latest release | v0.9.0 (2026-06-26) |
| Last updated | 2026-07-01 |
| Source | https://github.com/six2dez/burp-ai-agent |
What burp-ai-agent is
A Kotlin-based Burp extension that bridges Burp Suite with AI via 11 backends (Ollama, OpenAI-compatible, Anthropic, Claude CLI, etc.), exposes 59 MCP tools for autonomous scanning, implements AES-256-GCM secrets encryption, HKDF host anonymization, ReDoS-safe redaction, and token-budget guardrails. Supports passive scanner integration (Burp Pro), external MCP servers (SSE/stdio), and audit logging (JSONL with SHA-256).
Get the burp-ai-agent source
Clone the repository and explore it locally.
git clone https://github.com/six2dez/burp-ai-agent.gitcd burp-ai-agent# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Requires Java 21; Burp Suite Community or Pro. Install via BApp Store or build from source with Gradle shadowJar (2 variants: full 59 MCP tools or store build 8 tools).
- AI backend selection is critical: local models (Ollama/LM Studio) have zero cloud overhead but require pre-downloaded models and local inference hardware; cloud APIs (Anthropic, Perplexity) offer capability but add latency and per-token costs.
- MCP server setup for Claude Desktop requires Node.js 18+ and supergateway CLI; external MCP servers add topology complexity (SSE/stdio transports, auth token storage, per-host scope enforcement).
- Passive scanner runs in Burp Pro only; audit logging (JSONL + SHA-256 hashes) provides compliance trail but requires manual collection and analysis for multi-user teams.
- Secrets encryption uses per-install keys stored locally; no cloud key management or key rotation policy documented. Review threat model for your threat level.
When to avoid it — and what to weigh
- Burp Community Edition with Advanced Scanning — The passive scanner requires Burp Pro. Community users get only manual request analysis; no automatic vulnerability detection.
- Air-Gapped or Strict Network Isolation — Most backends (Anthropic, Perplexity, OpenAI-compatible cloud) require internet access. Local-only options (Ollama, LM Studio) exist but require prior model downloads and CPU/GPU resources.
- Zero Tolerance for Plaintext Secrets in Code or Config — While v0.9.0 encrypts secrets at rest using per-install AES-256-GCM keys, API keys must still be entered into the extension UI. No HSM or external secret-management integration mentioned.
- Minimal Customization or Locked-Down Deployment — Extension relies on user-supplied AI models and external MCP servers; limited guidance for sandboxing or enforcing fine-grained policy per MCP tool in enterprise environments.
License & commercial use
MIT License. Permissive; allows commercial use, modification, and distribution with attribution. No copyleft obligations.
MIT license is permissive for commercial use. However, integration of third-party AI backends (Anthropic, OpenAI, Perplexity, NVIDIA, etc.) introduces separate commercial terms: users must comply with each provider's ToS and licensing. No warranty or indemnification from the extension itself.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Strong |
| License clarity | Clear |
| Deployment complexity | Moderate |
| DEV.co fit | Strong |
| Assessment confidence | High |
v0.9.0 implements AES-256-GCM per-install secret encryption (not plaintext), HKDF host anonymization in STRICT mode, request/response body redaction with ReDoS-safe patterns, and pre-send secret tripwire warnings with audit logs. Threat model considerations: (1) per-install encryption keys are stored locally—no remote key derivation; (2) MCP external server auth tokens are encrypted at rest but require secure channel setup (SSE over TLS); (3) audit logs are JSONL with SHA-256 but rely on file system integrity—no immutable log transport; (4) no mention of Burp session hijacking, MCP client impersonation, or supply-chain vetting for external MCP servers. Redaction patterns are user-configurable but ReDoS protection scope is not detailed. No vulnerability disclosure policy or security audit history provided.
Alternatives to consider
Burp Suite's Built-in Burp AI (Pro only)
PortSwigger's native AI integration; no extension install, tighter Burp API surface. Limited to Burp's curated models/backends; less customization than Custom AI Agent.
ZAP (OWASP) + Custom Scripting
Free, open-source alternative scanner with Python/JavaScript scripting for AI integration. Steeper learning curve; no native MCP, fewer AI backends out-of-the-box.
Semgrep + IDE AI (GitHub Copilot, Claude)
CI/CD-native SAST + IDE-resident AI. Complements Burp but does not replace dynamic scanning and manual testing workflows; best for code review, not runtime vulnerability analysis.
Build on burp-ai-agent with DEV.co software developers
Install Custom AI Agent from the BApp Store, configure your preferred AI backend, and start AI-assisted penetration testing in Burp Suite today.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
burp-ai-agent FAQ
Do I need a paid AI API to use this extension?
Can I use Custom AI Agent without Burp Pro?
Is my API key stored in plaintext?
Can external AI agents (Claude Desktop) access my out-of-scope targets?
Software development & web development with DEV.co
DEV.co helps companies turn open-source tools like burp-ai-agent into production software. Our software development services cover the full lifecycle — architecture, web development, integration, and maintenance — delivered by software developers and web developers who ship. Engage our software development agency to implement or customize it for your mcp servers stack.
Integrate AI into Your Security Testing
Install Custom AI Agent from the BApp Store, configure your preferred AI backend, and start AI-assisted penetration testing in Burp Suite today.