This allows you to run Burp Suite Professional in a container. This guide describes the steps to run Burp on a Mac, but steps for Linux should be fairly similar.

• You need a Burp Suite Professional license.
• You need to have the following installed on your host:
  • Docker
  • XQuartz
  • socat

⚠️ If you did not have installed XQuartz, make sure to reboot your Mac after the installation so that the X11 window server is set up correctly for the current user.

First, clone this GitHub repository on your host:

git clone https://github.com/koenrh/docker-burp-suite-pro.git

Then, build the Docker image using the following command. Provide the email address and password (or customer number for some customers) you would normally use to login to your PortSwigger account.

docker build -t koenrh/burp-suite-pro \
  --build-arg PORTSWIGGER_EMAIL_ADDRESS="$PORTSWIGGER_EMAIL_ADDRESS" \
  --build-arg PORTSWIGGER_PASSWORD="$PORTSWIGGER_PASSWORD" .

While building the image, the JAR (Java ARchive) of Burp Suite Pro is pulled form the PortSwigger portal.

1. Start the X window server by opening XQuartz (open -a xquartz).
2. Expose the local XQuartz socket on TCP port 6000 using socat:

socat TCP-LISTEN:6000,reuseaddr,fork UNIX-CLIENT:\"$DISPLAY\"

Note that you need to run this command from your host, not the XQuartz terminal.

docker run --rm \
  -v "/tmp/.X11-unix:/tmp/.X11-unix" \
  -e "DISPLAY=docker.for.mac.host.internal:0" \
  -v "$HOME/src/github.com/koenrh/burp/java:/home/burp/.java" \
  -p 8080:8080 \
  --name burp-suite-pro
  koenrh/burp-suite-pro

You could make this command more easily accessible by putting it an executable, and make sure that it is available in your $PATH. Alternative, you could create wrapper functions for your docker run commands (example).

In order to make Burp Proxy available to the host, you need to bind on the public interface.

1. In Burp, open the 'Proxy' tab, and then the 'Options' tab.
2. Add a new 'Proxy Listener' by clicking the 'Add' button.
3. Enter the preferred port number, and make sure that 'Bind to address' is set to 'All interfaces'.
4. Verify that the proxy is working by running the following command on your host:

curl -x http://127.0.0.1:8080 http://example.com

1. When prompted, do not updated Burp Suite through the GUI. Pull and build an updated image instead.
2. Do not the delete the mapped .java directory on your host. It contains important license activation data.