Skip to main content


Testing with Burp Suite’s Repeater

Smart City And Communication Network Concept. 5g. Lpwa (low Power Wide Area). Wireless Communication.

Burp Suite is a comprehensive toolkit for web application testing and one of its most powerful features is the Repeater. The Repeater is an interactive tool that allows you to manually modify and replay HTTP requests to a web application. It’s an essential feature for testing and debugging web applications and can help you identify potential vulnerabilities. In this blog, we’ll take a closer look at what the Repeater is and how to use it in Burp Suite.

What is the Repeater in Burp Suite?

The Repeater is a tool in Burp Suite that allows you to manually modify and replay HTTP requests. It’s a powerful feature that enables you to test different scenarios and see how a web application responds. You can use the Repeater to modify headers, parameters, and other aspects of an HTTP request, which makes it a valuable tool for testing and debugging web applications.

How to use the Repeater in Burp Suite

Using the Repeater in Burp Suite is easy and straightforward. Here are the steps:

Step 1: Configure the Target

To get started with the Repeater, you’ll need to have Burp Suite installed and running. Once you’ve done that, navigate to the “Target” tab in the top navigation bar. From here, you can add the target you want to test by clicking the “Add” button.

Step 2: Intercept a Request

Next, you’ll need to intercept a request. This can be done by navigating to the “Proxy” tab and selecting the “Intercept” subtab. From here, you can turn on interception by clicking the “Intercept is on” button.

Step 3: Send the Request

To send a request to the target, navigate to the website or application you want to test and perform an action that generates an HTTP request, once interception is enabled. Burp Suite will intercept the request and display it in the “Intercept” tab.

Step 4: Send the Request to the Repeater

To send the intercepted request to the Repeater, click the “Action” button and select “Send to Repeater.” The request will then be displayed in the “Repeater” tab.

Bs Repeater Options Tab

Fig 1: Sending the Request to the Repeater in Burp Suite

Step 5: Modify the Request

In the Repeater tab, you can modify the intercepted request by changing the parameters, headers, or any other aspect of the request. This allows you to test different scenarios and see how the application responds.

Step 6: Send the Modified Request

Once you’ve made the necessary modifications, you can send the modified request by clicking the “Go” button. Burp Suite will send the request to the target and display the response in the “Repeater” tab.

Bs Repeater Options Tab 3

Fig 2: Sending the Modified Request in Burp Suite

Step 7: Review the Response

Once the response is displayed, you can review it to see if there are any issues or vulnerabilities. This may involve examining the headers, body, or any other aspect of the response.

Step 8: Repeat the Process

If you need to test additional scenarios, you can repeat the process by modifying the request and sending it again. This allows you to thoroughly test the application and identify any potential vulnerabilities.

Step 9: Save Requests and Responses

If you want to save the requests and responses for later analysis or testing, you can do so by clicking the “Save” button in the “Repeater” tab. This allows you to quickly access the saved requests and responses in the future.

Step 10: Take Action

If you do discover a vulnerability or issue, it’s important to take action immediately. This may involve reporting the vulnerability to the site owner or developer, or taking steps to patch the vulnerability yourself if you have permission to do so.


The Repeater is an essential tool for testing and debugging web applications in Burp Suite. By manually modifying and replaying HTTP requests, you can identify potential vulnerabilities and test different scenarios. Remember to carefully review the responses and take action immediately if you discover any issues. With the Repeater and Burp Suite, you can take your web application testing to the next level.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Sanskar Dwivedi

Sanskar Dwivedi is an Associate Technical Consultant at Perficient. He has an experience of combined 1.2 years of in Cyber Security and Testing. He is dedicated to staying up to date on the latest trends and technologies in these fields and is committed to researching and writing about tech.

More from this Author

Follow Us