Connect Burp Suite to MCP clients for automated scanning and crawling via SSE and a stdio proxy.
Configuration
View docs{
"mcpServers": {
"dinosn-burp-mcp-server": {
"url": "http://localhost:9876/sse"
}
}
}You can connect Burp Suite to AI clients using the MCP (Model Context Protocol) to enable scan and crawl capabilities directly from Burp. This MCP server acts as a bridge, exposing Burp’s proxy data to MCP clients and allowing automated interactions through standard MCP clients or a stdio proxy.
You have two primary ways to connect an MCP client to Burp via this server: HTTP (remote-like) access through Burp’s SSE endpoint, and a local stdio proxy setup that pipes requests through a Java-based proxy. Choose the method that best fits your workflow.
Prerequisites you need before installing the extension are minimal. Ensure Java is installed and accessible from your system path, and that you can load a Java extension into Burp Suite.
Install and load the extension into Burp Suite by following these steps.
1. Open Burp Suite.
2. Go to Extensions and choose to Add a new extension.
3. Select Java as the Extension Type.
4. Choose the packaged MCP server extension JAR file and load it.
5. Confirm the extension loads and becomes active in Burp.
By default the MCP server listens on http://127.0.0.1:9876. You can adjust options in Burp’s MCP tab if needed.
This server exposes two primary MCP connection methods. You can configure each method separately and use them from your MCP client.
Claude Desktop integration can be configured automatically via the extension installer or manually by editing Claude's config to point at the Burp MCP server. The extension provides a built-in installer option that configures Claude Desktop accordingly.
{
"mcpServers": {
"burp_http": {
"type": "http",
"url": "http://localhost:9876/sse",
"args": []
}
}
}{
"mcpServers": {
"burp_stdio": {
"type": "stdio",
"command": "java",
"args": [
"-jar",
"/path/to/mcp/proxy/jar/mcp-proxy-all.jar",
"--sse-url",
"<your Burp MCP server URL configured in the extension>"
]
}
}
}The default Burp MCP server address is http://127.0.0.1:9876. If you need to run Claude Desktop alongside Burp, you can configure Claude to connect via the provided MCP server. Use either the automatic installer flow or manually edit Claude’s configuration to reference the Burp MCP server via the stdio proxy command shown above.
If you prefer to run the SSE MCP server directly, you can point your MCP client to the Burp SSE URL. For stdio-based clients, use the Java-based proxy command that forwards requests to the SSE server.
Keep Burp’s MCP server accessible only to trusted clients. Use network firewalls or localhost-only access to prevent unauthorized connections. If you enable any config editing tools, understand that they can modify Burp configuration files; restrict access accordingly.
If the MCP client cannot connect, verify that Burp is running with the extension loaded and that the server’s port 9876 is not blocked by a firewall. Check Burp’s Extensions tab to ensure the MCP extension remains active. For stdio-based clients, ensure the Java runtime and the mcp-proxy-all.jar path are correct.
To fully utilize the MCP Server Extension with Claude Desktop, you need to configure Claude's MCP client settings. Claude Desktop currently supports STDIO MCP Servers. The extension can automatically configure Claude Desktop to point to Burp’s MCP server.
Option 1: Use the installer from the extension to add the Burp MCP server to Claude Desktop’s config.
Option 2: Manually edit Claude Desktop’s config at ~/Library/Application Support/Claude/claude_desktop_config.json and add or update the following structure to reference the Burp MCP server via the stdio proxy command.
If you prefer to install the MCP server manually, you can either use Burp’s SSE server directly or run the packaged stdio proxy server that forwards to the SSE server.
SSE MCP Server URL (direct usage): http://127.0.0.1:9876 or http://127.0.0.1:9876/sse.
Stdio MCP Proxy Server (for clients that only support stdio): Use the provided proxy JAR and point it at the SSE URL, for example by configuring your client with a command like:
``
/path/to/java -jar /path/to/proxy/jar/mcp-proxy-all.jar --sse-url http://127.0.0.1:9876
``