Open Burp Suite alternative

Modern Web & API Security Testing

Intercept traffic, replay requests, test APIs, and automate security workflows from a modern desktop toolkit built for pentesters and AppSec teams. AI assistance is available where it helps triage and iteration.

Download for freeArkium vs Burp Suite
macOS, Windows, LinuxProxy, Repeater, ScannerProjects and extensions

Core toolkit

A familiar security testing workflow

Arkium keeps the product shape obvious for Burp users while organizing the work around modern Web and API assessments.

  • Proxy

    Intercept and inspect HTTP/WebSocket traffic.

  • Repeater

    Replay, modify, and iterate on requests.

  • Scanner

    Discover vulnerabilities with automated and guided testing.

  • Extensions

    Extend workflows with community and custom plugins.

  • Projects

    Organize findings, sessions, and assessments.

Product workflow

Built by security researchers. Designed for real assessments.

Manual testing stays visible and controllable: inspect every request, replay exact steps, organize projects, automate repeatable checks, and use AI assistance only where it improves the workflow.

Proxy listening

Proxy traffic

HTTP, HTTPS, and WebSocket traffic in scope.

InterceptHTTP/2WebSocketScope
MethodRequestStatusSignal
GET/api/users?role=admin200Scoped
POST/api/graphql403Review
PATCH/api/projects/42200Authz
WS/realtime/session101Live

Request / Response editor

Repeater ready
PATCH /api/projects/42 HTTP/2
Host: app.acme.test
Authorization: Bearer eyJ...
Content-Type: application/json

{
  "owner_id": "usr_913",
  "role": "admin"
}
HTTP/2 200 OK
content-type: application/json
x-request-id: req_7f2

{
  "project_id": 42,
  "owner_id": "usr_913",
  "role": "admin"
}

Repeater

4 request variants queued

Diff responses and promote useful cases to findings.

Scanner

3 findings in review

Automated checks stay tied to captured evidence.

Workflow

Auth regression run

Replay scoped requests after every release.

Scanner results
HighIDOR candidatePATCH /api/projects/42
MediumMissing rate limitPOST /api/graphql
LowVerbose error bodyGET /api/users

Representative Arkium desktop workflow: proxy capture, request/response editing, repeater iterations, scanner findings, and project context in one assessment workspace.

Testing workflow

Manual testing first. Automation when it helps.

Start with the core tools, automate repeatable checks, then use AI assistance for review, summarization, and test ideas without giving up control.

  • Proxy inspection

    Capture HTTP, HTTPS, and WebSocket traffic with precise scope controls and readable request history.

  • Request replay

    Modify, resend, diff, and iterate on requests from a focused Repeater workflow.

  • Automation workflows

    Automate repetitive checks, auth flows, fuzzing runs, and release regressions without hiding the underlying traffic.

  • Project collaboration

    Share sessions, findings, evidence, and review context with pentest and AppSec teams.

  • Extensible architecture

    Connect scanners, notifiers, custom checks, and internal tooling through community and private plugins.

  • AI assistance

    Summarize responses, draft payload ideas, and suggest test cases while keeping the tester in control.

Migration

Why switch from Burp Suite?

Arkium is not framed as a replacement for expertise. It is a modern desktop toolkit built for today’s Web and API assessment workflows.

Arkium vs Burp Suite

  • Modern interface

    A cleaner workspace for proxy traffic, request editing, findings, and project context.

  • Better workflow organization

    Keep captures, repeater sessions, scanner results, evidence, and notes tied to the same assessment.

  • Built-in automation

    Turn repeated checks into reusable workflows without losing visibility into requests and responses.

  • Team collaboration

    Share projects, review findings, and keep AppSec and pentest teams aligned.

  • Extensible architecture

    Add community plugins, private extensions, and internal integrations as your testing process grows.

Pricing

Pick the perfect plan

Arkium is in pre-release. Download the desktop build now, and join the waitlist for paid plans as licensing and billing come online.

Pre-release

No paid checkout is available yet.

Free

Explore Arkium's core workflow

Available soon

Pricing will be announced before paid access opens.

Download for free
  • Up to 2 projects
  • Core proxy and repeater
  • Limited AI assistance
  • Community support
Most popular

Pro

For independent security researchers

Coming soon

Pricing will be announced before paid access opens.

Join waitlist
  • Unlimited projects & history
  • Unlimited workflows
  • Advanced automation and AI assistance
  • Nightly builds & early access
  • Email support

Team

For pentesters and AppSec teams

Contact us

Pricing will be announced before paid access opens.

Contact sales
  • Everything in Pro
  • Shared workspaces
  • Centralized billing
  • Reassignable seats
  • Priority support

Enterprise

Governance, compliance, and scale

Contact us

Pricing will be announced before paid access opens.

Talk to us
  • Everything in Team
  • Unlimited users (pooled)
  • SSO / SCIM
  • Custom integrations & SLAs
  • Purchase orders & security reviews

FAQ

Answers before you commit

Straightforward policies so you can evaluate quickly — and roll out confidently to your team.

We accept major credit cards and PayPal (with a card on file). Enterprise customers can pay via invoice and purchase orders.

Start a real assessment workflow

Use a modern desktop toolkit for proxy inspection, replay, scanning, automation, and team review.

View plansExplore features

No credit card required for the Free tier.