AlternativeTo Logo

Open Source Burp Suite Alternatives

The best open source alternative to Burp Suite is OWASP Zed Attack Proxy (ZAP). If that doesn't suit you, our users have ranked more than 10 alternatives to Burp Suite and four of them is open source so hopefully you can find a suitable replacement. Other interesting open source alternatives to Burp Suite are mitmproxy, w3af and Tamper Data.

Burp Suite alternatives are mainly Vulnerability Scanners but may also be HTTP(S) Debuggers or Web Debuggers. Filter by these if you want a narrower list of alternatives or looking for a specific functionality of Burp Suite.
This page was last updated Nov 10, 2021
  • FreemiumProprietary
  • Mac
  • Windows
  • Linux
  • BSD

Burp Suite is an integrated platform for performing security testing of web applications.

Learn more about Burp Suite

  1. OWASP Zed Attack Proxy (ZAP)

    • FreeOpen Source
    • Mac
    • Windows
    • Linux

    The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

    Most users think OWASP Zed Attack Proxy (ZAP) is a great alternative to Burp Suite.
  2. mitmproxy

    • FreeOpen Source
    • Mac
    • Windows
    • Linux

    mitmproxy is an SSL-capable man-in-the-middle proxy for HTTP. It provides a console interface that allows traffic flows to be inspected and edited on the fly.

    Almost everyone thinks mitmproxy is a great alternative to Burp Suite.


  3. w3af

    • FreeOpen Source
    • Windows
    • Linux

    w3af is a Web Application Attack and Audit Framework.

  4. Tamper Data

    • FreeOpen Source
    • Mac
    • Windows
    • Linux
    • Firefox

    Firefox add-on that lets you change headers and request parameters before they're sent to the server.

    Discontinued

    The extension is no longer developed since 2010 and it's not compatible with Firefox 57 and later. It still works on XUL-based Firefox forks like Waterfox and Pale Moon

Showing 4 of 4 alternatives