🔒

Burp Suite MCP Server MCP Server Pricing 2026

Updated June 2026

Complete pricing guide for the Burp Suite MCP ServerMCP server — costs, free options, and what you'll pay.

Freemiumby PortSwigger✓ OfficialLast checked July 15, 2026

💰 How Much Does Burp Suite MCP Server MCP Server Cost?

The MCP server is free and open-source. Burp Suite: Community Edition (free). Professional: $449/user/year. Enterprise: from $6,995/year.

See official Burp Suite MCP Server pricing →

Is Burp Suite MCP Server MCP Server Free?

Yes, Burp Suite MCP Server MCP Server has free options

The Burp Suite MCP Server MCP server itself is free to install and use. The underlying Burp Suite MCP Server service offers a free tier that lets you get started without paying. Paid plans are available for additional features and higher usage limits.

Burp Suite MCP Server Cost Breakdown: Server vs Service

🆓

MCP Server (Always Free)

The Burp Suite MCP Server MCP server is the connector that lets your AI assistant (Claude, Cursor, VS Code, etc.) interact with Burp Suite MCP Server. This component is always free to install and use — it's just a bridge between your AI tool and the service.

💚

Burp Suite MCP Server Service (Freemium)

The MCP server is free and open-source. Burp Suite: Community Edition (free). Professional: $449/user/year. Enterprise: from $6,995/year.

View official pricing →

How to Install Burp Suite MCP Server MCP Server

binary
git clone https://github.com/PortSwigger/mcp-server.git && cd mcp-server && ./gradlew embedProxyJar

Compatible with: Claude Desktop, Cursor, VS Code, Windsurf, Cline

Frequently Asked Questions

Is Burp Suite MCP Server MCP Server free to use?

The Burp Suite MCP Server MCP server itself is free to install. The underlying Burp Suite MCP Server service offers a free tier with limited features, plus paid plans for additional capabilities.

How much does Burp Suite MCP Server MCP Server cost in 2026?

The MCP server is free and open-source. Burp Suite: Community Edition (free). Professional: $449/user/year. Enterprise: from $6,995/year. The MCP server component is always free to install and configure with your AI assistant.

What are the best alternatives to Burp Suite MCP Server MCP Server?

There are several alternative MCP servers in the Security category. Visit the Burp Suite MCP Server alternatives page on MyMCPTools to compare features, pricing, and compatibility with AI assistants like Claude, Cursor, and VS Code.

What's included in the Burp Suite MCP Server free tier?

The Burp Suite MCP Server free tier typically includes core functionality with usage limits. Check the official Burp Suite MCP Server website for the most up-to-date free tier details and limitations.

Does Burp Suite MCP Server work with Claude Desktop, Cursor, and VS Code?

Yes, the Burp Suite MCP Server MCP server is compatible with popular AI assistants and code editors that support the Model Context Protocol (MCP), including Claude Desktop, Cursor, VS Code, Windsurf, and Cline.

Looking for Burp Suite MCP Server alternatives?

Compare similar MCP servers with different pricing and features.

View Alternatives →

Learn More

Quick Info

Pricing Model
Freemium
Install Type
binary
Author
PortSwigger
Categories
🔒 Security
Official Pricing
View Pricing →

Related Servers

Snyk MCP Server (Community)Freemium

There is no official, Snyk-published Model Context Protocol server as of this writing — a commonly referenced `snyk/mcp-server` repo does not exist. The most active real alternative is sammcj/mcp-snyk, a community-built, MIT-licensed MCP server that wraps Snyk's API and CLI for agentic security scanning (marked alpha by its author, so expect rough edges). It exposes tools to scan a GitHub or GitLab repository by URL for vulnerabilities, scan an existing Snyk project by ID, and verify that a configured API token is valid, returning the associated user and organization info. Authentication uses a Snyk API token and an org ID, supplied via `SNYK_API_KEY`/`SNYK_ORG_ID` environment variables, falling back to the locally configured Snyk CLI org if one isn't set explicitly. Install with `npx -y github:sammcj/mcp-snyk` in your MCP client config (Claude Desktop, Cursor, etc.). Typical use: ask Claude to "scan https://github.com/org/repo for security vulnerabilities using Snyk" and get back a structured findings summary instead of switching to the Snyk web console. Snyk's own engineering org separately maintains snyk/agentic-integration-wrappers, a set of wrappers for plugging Snyk scanning into agentic workflows more broadly — worth checking if this community MCP server doesn't cover your use case, since it isn't an official Snyk product and has no guaranteed support or roadmap.

SonarQube MCP ServerFreemium

The official SonarQube MCP Server, built and maintained by SonarSource, connects AI agents like Claude, Cursor, and VS Code Copilot to SonarQube Server or SonarQube Cloud so code quality and security become part of the agent's workflow rather than a separate CI step. Through it an assistant can pull the projects a token can see, retrieve open issues and code smells, inspect quality gate status and project metrics, and — notably — analyze a code snippet directly inside the agent context without the code first being committed and scanned by a pipeline, which lets Claude check its own just-written code against SonarQube's rules before you ever push. Authentication is a SonarQube user token supplied via the `SONARQUBE_TOKEN` environment variable; SonarQube Cloud users also set `SONARQUBE_ORG` (organization key), and self-hosted SonarQube Server users set `SONARQUBE_URL` to point at their instance (SonarQube Cloud US uses `https://sonarqube.us`). The server is distributed as a Java-based OCI container image at `sonarsource/sonarqube-mcp` on Docker Hub — run it with `docker run --pull=always -i --rm -e SONARQUBE_TOKEN -e SONARQUBE_ORG sonarsource/sonarqube-mcp`, or pin a version tag for reproducible deployments — and works with any OCI-compatible runtime such as Podman or nerdctl. SonarSource also provides an interactive Configuration Generator at mcp.sonarqube.com that emits ready-to-paste client config. Ideal for teams that want AI-assisted code review grounded in the same rules and quality gates their SonarQube project already enforces.

CrowdStrike FalconPaid

Connects AI agents with the CrowdStrike Falcon platform for intelligent security analysis.

Auth0 MCP ServerFreemium

The official Auth0 MCP server lets Claude, Cursor, and Windsurf manage an Auth0 tenant end-to-end through natural language instead of the dashboard — create applications, deploy Actions, debug logs, and manage resource servers just by asking. Its standout feature is the guided onboarding flow: the auth0_onboarding tool detects your project framework, creates a correctly configured Auth0 application, writes credentials straight into a .env file (auto-added to .gitignore), and hands off to auth0_get_quickstart_guide, which resolves callback URLs and returns framework-specific SDK integration code — taking a project from zero to a working Auth0 login in one guided conversation. Beyond onboarding, the tool surface spans Applications (list/get/create/update, plus credential export), Resource Servers/APIs (create and manage scopes, token lifetimes, signing algorithms), Application Grants (authorize M2M apps against specific APIs with defined scopes), Actions (create, update, and deploy post-login/pre-token logic), Logs (search and inspect authentication events, e.g. failed logins from a given IP), and Forms (build and publish branded login/signup/password-reset forms). Installs via npx with a device-authorization OAuth flow that stores credentials in your system keychain, supports Claude Desktop, Claude Code, Cursor, Windsurf, VS Code, Gemini CLI, and Codex, and exposes --tools/--read-only flags to scope down which operations an AI agent can perform — important given its Beta status and full read/write tenant access by default.

Semgrep MCP ServerFreemium

The official Semgrep MCP server lets an AI assistant run Semgrep — a fast, deterministic static analysis engine that semantically understands 30+ languages and ships over 5,000 security rules — directly against the code it is writing or reviewing, so you can "secure your vibe coding" without leaving Claude, Cursor, VS Code, or Windsurf. It exposes a focused tool surface: `security_check` scans code for vulnerabilities, `semgrep_scan` runs a scan with a given rule config, `semgrep_scan_with_custom_rule` applies a custom Semgrep rule you supply inline, `get_abstract_syntax_tree` returns the AST of a snippet so an agent can reason about code structure, `supported_languages` lists the languages Semgrep can parse, and `semgrep_rule_schema` fetches the latest rule JSON Schema for writing new rules. With a Semgrep AppSec Platform login and token, `semgrep_findings` pulls findings from your organization's cloud account. The server runs three ways — as a Python package via `uvx semgrep-mcp` (PyPI: semgrep-mcp), as a Docker container `ghcr.io/semgrep/mcp`, or against Semgrep's hosted endpoint at mcp.semgrep.ai — and supports stdio, Streamable HTTP, and SSE transports. Note: the standalone semgrep/mcp repository is now deprecated, with ongoing development folded into the main `semgrep` binary (semgrep/semgrep, under cli/src/semgrep/mcp), so future updates ship through the official Semgrep CLI itself.

CodacyFreemium

Interact with Codacy API to query code quality issues, vulnerabilities, and coverage insights.