Custom AI Agent, formerly known as Burp AI Agent, is an extension for Burp Suite designed to integrate AI-driven analysis and automation into security testing workflows. It addresses the needs of security professionals by offering AI-assisted vulnerability scanning, privacy controls, and workflow automation directly within the Burp Suite environment. The extension supports both Burp Suite Professional and Community editions, with certain features dependent on the Pro version.
The tool provides a range of AI-powered capabilities, including passive and active scanners that automatically analyze traffic across 62 vulnerability classes, such as SQL injection, cross-site scripting, cache poisoning, JWT attacks, and API security issues. It features pluggable backends, allowing users to select from built-in Burp AI, local models like Ollama and LM Studio, NVIDIA NIM, Perplexity, generic OpenAI-compatible providers, and multiple cloud CLI providers such as Gemini, Claude, Codex, Copilot, and OpenCode. Users can also add custom backends via drop-in JAR files. The extension includes an embedded Model Context Protocol (MCP) server, which offers access to 59 tools for various Burp Suite workflows, though the BApp Store build exposes only 8 native AI tools while the full build available from GitHub includes all 59.
Privacy is a core focus, with configurable redaction modes—Strict, Balanced (default), and Off—ensuring sensitive information like cookies, authentication headers, and tokens are stripped before leaving Burp Suite. A preview dialog allows users to review payloads before any data is sent externally. The tool also provides audit logging with JSONL-based logs and per-event SHA-256 hashes for compliance, as well as a real-time AI request logger with trace ID correlation and rolling persistence. Additional features include auto tool chaining, where the AI can autonomously execute up to eight MCP tool calls per interaction to complete complex, multi-step tasks, and a custom prompt library for managing and editing prompts used in context menu actions.
Custom AI Agent offers a refreshed, theme-aware user interface that adapts to Burp Suite’s light and dark modes. It supports three scan modes—BUG_BOUNTY, PENTEST, and FULL—tailored to different engagement styles, and provides editable prompt templates and curated BountyPrompt actions to streamline security testing workflows.
In the Security & compliance platforms space, Overview takes a focused approach. It focuses on automating and enhancing security scanning and agent-based workflows using AI. It is built as an open-source project for security researchers and penetration testers. Overview is open source under the MIT license. Overview is available on the web, the command line, and API, and it can be self-hosted.
It is developed by six2dez, and the product first shipped in 2026. Development happens publicly on GitHub with 1.3k stars and 206 commits in the last 90 days. Key capabilities include AI scanning, agent profiles, and prompt templates. It exposes integrations via an MCP server and a public API.
Latest indexed changes and source events
Other apps tracked under the same category.