How to solve and bypass captcha in Burp Suite
Burp Suite is excellent for intercepting traffic and automating security testing, but automation stops when a CAPTCHA is in the way. This guide shows how to integrate 2Captcha's captcha-solving API into a Burp Suite workflow, allowing automated bypass of reCAPTCHA and other challenges during security testing.
What You’ll Need
- 2Captcha account and API key
- Burp Suite (Community or Pro)
- Repeater or Intruder (or, optionally, a BApp extension)
- Target using reCAPTCHA v2, Turnstile, or others
Workflow
- Extract the sitekey and page URL from the response or source
- Send a task to 2Captcha
- Poll for the result
- Insert the solved token into the request
- Resend the modified request
Example: Bypassing reCAPTCHA v2
Suppose you're testing a signup form.
Step 1: Get the Sitekey
From HTML:
<div class="g-recaptcha" data-sitekey="6Lc_aXkUAAAAA..."></div>
Or inspect responses via Burp Proxy.
Step 2: Submit to 2Captcha
POST https://api.2captcha.com/createTask
Headers:
Content-Type: application/json
Body:
{
  "clientKey": "YOUR_API_KEY",
  "task": {
    "type": "RecaptchaV2TaskProxyless",
    "websiteKey": "6Lc_aXkUAAAAA...",
    "websiteURL": "https://target.com"
  }
}
Get the taskId from the response.
Step 3: Poll for Result
POST https://api.2captcha.com/getTaskResult
Body:
{
  "clientKey": "YOUR_API_KEY",
  "taskId": "TASK_ID"
}
Repeat every 5 seconds until:
{
  "status": "ready",
  "solution": {
    "gRecaptchaResponse": "TOKEN_HERE"
  }
}
Step 4: Inject Token
Use the token in your next POST request:
POST /signup HTTP/1.1
Host: target.com
Content-Type: application/x-www-form-urlencoded

email=test@example.com&g-recaptcha-response=TOKEN_HERE
Supported CAPTCHA Types
These can also be solved via 2Captcha:
- reCAPTCHA v2 / Invisible / v3
- Cloudflare Turnstile
- FunCaptcha (Arkose)
- GeeTest (v3 and v4)
- Text and image captchas
- and many others (see 2Captcha's full list)
Common Errors
- taskId missing → check your API key or request JSON
- Always processing → the captcha may be invalid or expired
- failed status → retry the task
Final Notes
With this method, you can automate captcha bypass inside Burp Suite — whether you’re doing auth fuzzing, registration testing, or scripting Repeater flows. No more copy-pasting captcha tokens manually.
Need to cut costs? You can also use SolveCaptcha — a cheaper API-compatible alternative with similar results.