ACTIVE · 2026 · Kotlin · Montoya API · MCP · JDK 21

burp-mcp-ultimate

A Burp Suite extension that exposes the entire Montoya API as an MCP server, so an AI agent can actually drive a hunt instead of just summarising proxy history.

Problem

Every other Burp MCP server wraps a thin slice of Montoya: enough for a chatbot to read proxy history, not enough for an autonomous agent to repeat a request, fire an Intruder run, mint a Collaborator payload, or decode a JWT. The one tool that holds all the state of a hunt was the one tool my agent could not touch.

Architecture

The extension exposes functionally 100% of the Montoya API as 152 MCP tools over streamable HTTP, with tool outputs shaped for an agent context window rather than for completeness: an Intruder run returns a status/length/timing histogram, not 5,000 raw responses. The piece I have not seen elsewhere is a reflection bridge that walks Burp’s loaded-extension registry and re-exposes the public surfaces of other installed extensions as MCP tools, so the agent drives the whole install, not just the built-ins. Kotlin on JDK 21, MIT licensed, with a 62-test smoke suite that runs in CI because an extension that crashes Burp on load is worse than none.

[Figure: Agent to Burp core, plus the reflection bridge. Diagram labels: agent, MCP server (extension), Montoya API, Burp core (Scanner, Intruder, Collab), other extensions (discovered), reflection, tool list.]
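
A sketch of the output shaping described above, added here as an illustration and not taken from the extension's code: it reduces a list of per-request results to status, length and timing histograms plus the indices of responses that fall into rare groups. `AttackResult`, `RunSummary`, `summarize`, the bucket sizes and the outlier rule are all hypothetical, and no Montoya types are used.

```kotlin
// Added example: hypothetical types and names, not the extension's own code.
data class AttackResult(val status: Int, val length: Int, val millis: Long)

data class Bucket(val label: String, val count: Int)

data class RunSummary(
    val total: Int,
    val byStatus: List<Bucket>,
    val byLength: List<Bucket>,
    val byTiming: List<Bucket>,
    val outliers: List<Int>, // indices of results in rare (status, length-bucket) groups
)

// Count occurrences of each key and return the buckets in ascending key order.
fun <K : Comparable<K>> histogram(keys: List<K>, label: (K) -> String): List<Bucket> =
    keys.groupingBy { it }.eachCount().toSortedMap().map { (k, n) -> Bucket(label(k), n) }

fun summarize(results: List<AttackResult>, lengthStep: Int = 256, rareBelow: Int = 3): RunSummary {
    // Fixed-width length buckets: 0-255, 256-511, ...
    val lengthKey = { r: AttackResult -> r.length / lengthStep * lengthStep }
    // Timing buckets double in width (1, 2, 4, ... ms) so slow responses stay visible.
    val timingKey = { r: AttackResult -> java.lang.Long.highestOneBit(r.millis.coerceAtLeast(1L)) }
    // Assumed outlier rule: a (status, length-bucket) pair seen fewer than rareBelow times.
    val groups = results.withIndex().groupBy { (_, r) -> r.status to lengthKey(r) }
    return RunSummary(
        total = results.size,
        byStatus = histogram(results.map { it.status }) { "$it" },
        byLength = histogram(results.map(lengthKey)) { "$it-${it + lengthStep - 1} B" },
        byTiming = histogram(results.map(timingKey)) { "$it-${it * 2 - 1} ms" },
        outliers = groups.values.filter { it.size < rareBelow }.flatten().map { it.index },
    )
}

fun main() {
    // Constructed sample: 5,000 near-identical responses plus two that differ.
    val results = List(5000) { AttackResult(200, 1480 + it % 7, 40L + it % 20) } +
        AttackResult(500, 312, 45) + AttackResult(200, 9102, 2300)
    println(summarize(results))
}
```

On the constructed sample the summary is a handful of buckets and two outlier indices (5000 and 5001), which the agent can then fetch individually.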

Outcome

It closed the hole in the middle of my hunting loop: the agent now drives Burp end to end instead of pasting requests to a human. Full writeup: Exposing the whole Montoya API.