This is a significant upgrade with a wealth of new features added since v1.5, including:
- Support for WebSockets messages.
- Support for PKCS#11 client SSL certificates contained in smart cards and physical tokens.
- A new Extender tool, allowing dynamic loading and unloading of multiple extensions.
- A new powerful extensibility API, enabling extensions to customize Burp's behavior in much more powerful ways.
- Support for extensions written in Python and Ruby.
- A new BApp Store feature, allowing quick and easy installation of extensions written by other Burp users.
- An option to resolve DNS queries over a configured SOCKS proxy, allowing access to TOR hidden services.
- Generation of CSRF PoC attacks using a new cross-domain XHR technique.
- New options for SSL configuration, to help work around common problems.
- Optional unpacking of compressed request bodies in the Proxy.
- Support for .NET DeflateStream compression.
- New and improved types of Intruder payloads.
- New Proxy interception rules.
- New Proxy match/replace rules.
- Improved layout options in the Repeater UI.
- An SSL pass-through feature, to prevent Burp from breaking the SSL tunnel for specified domains.
- Support for the Firefox Plug-n-hack extension.
- An option to copy a selected request as a curl command.