How to solve and bypass captcha in Burp Suite

Burp Suite is excellent for intercepting traffic and automating security testing, but when a CAPTCHA is in the way, automation stops. This guide shows how to integrate 2Captcha’s captcha-solving API into a Burp workflow so that reCAPTCHA and other challenges can be solved automatically during security testing.

What You’ll Need

  • 2Captcha account and API key
  • Burp Suite (Community or Pro)
  • Repeater or Intruder (or, optionally, a BApp extension)
  • Target using reCAPTCHA v2, Turnstile, or others

Workflow

  1. Extract the sitekey and page URL from the response or source
  2. Send a task to 2Captcha
  3. Poll for the result
  4. Insert the solved token into the request
  5. Resend the modified request

Example: Bypassing reCAPTCHA v2

Suppose you're testing a signup form.

Step 1: Get the Sitekey
From HTML:

<div class="g-recaptcha" data-sitekey="6Lc_aXkUAAAAA..."></div>

Or inspect responses via Burp Proxy.

Step 2: Submit to 2Captcha

POST https://api.2captcha.com/createTask

Headers:

Content-Type: application/json

Body:

{
  "clientKey": "YOUR_API_KEY",
  "task": {
    "type": "RecaptchaV2TaskProxyless",
    "websiteKey": "6Lc_aXkUAAAAA...",
    "websiteURL": "https://target.com"
  }
}

Get the taskId from the response.

Step 3: Poll for Result

POST https://api.2captcha.com/getTaskResult

Body:

{
  "clientKey": "YOUR_API_KEY",
  "taskId": "TASK_ID"
}

Repeat every 5 seconds until:

{
  "status": "ready",
  "solution": {
    "gRecaptchaResponse": "TOKEN_HERE"
  }
}

Step 4: Inject Token

Use the token in your next POST request:

POST /signup HTTP/1.1
Host: target.com
Content-Type: application/x-www-form-urlencoded

email=test@example.com&g-recaptcha-response=TOKEN_HERE
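
The receiving side of Step 4, as an added example that is not part of the original article or of any vendor's code: the checks a signup handler should apply to the submitted g-recaptcha-response once it has the parsed siteverify response for it. The function name, the host and all sample values are constructed; the fields success, challenge_ts, hostname and error-codes are those of Google's siteverify response.

```python
from datetime import datetime, timezone

MAX_TOKEN_AGE_S = 120  # a reCAPTCHA response token is valid for two minutes

# Constructed sample data (not from the article): verification time and host.
NOW = datetime(2024, 5, 1, 12, 1, 0, tzinfo=timezone.utc)
EXPECTED_HOST = "target.com"


def check_captcha_result(token, verify_result, seen_tokens, now=NOW):
    """Return (allowed, reason) for one signup request.

    token         -- value of the g-recaptcha-response form field
    verify_result -- siteverify JSON for that token, parsed into a dict
    seen_tokens   -- set of tokens this application has already accepted
    """
    if not token:
        return False, "missing-token"
    if token in seen_tokens:  # single use: refuse replays locally as well
        return False, "replayed-token"
    if not verify_result.get("success"):
        codes = verify_result.get("error-codes") or ["unknown"]
        return False, "rejected:" + ",".join(codes)
    if verify_result.get("hostname") != EXPECTED_HOST:
        return False, "hostname-mismatch"  # token was issued for another site
    ts = verify_result.get("challenge_ts")
    if not ts:
        return False, "missing-timestamp"
    issued = datetime.fromisoformat(ts.replace("Z", "+00:00"))
    if (now - issued).total_seconds() > MAX_TOKEN_AGE_S:
        return False, "stale-token"
    seen_tokens.add(token)
    return True, "ok"


if __name__ == "__main__":
    seen = set()
    fresh = {"success": True, "challenge_ts": "2024-05-01T12:00:30Z",
             "hostname": "target.com"}
    print(check_captcha_result("TOKEN_HERE", fresh, seen))  # first use
    print(check_captcha_result("TOKEN_HERE", fresh, seen))  # same token again
    print(check_captcha_result("", fresh, seen))            # field left empty
```

When the request from Step 4 is replayed in Repeater, a signup that still succeeds with an empty, reused or expired token means the application is skipping one of these checks.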

Supported CAPTCHA Types

These can also be solved via 2Captcha:

  • reCAPTCHA v2 / Invisible / v3
  • Cloudflare Turnstile
  • FunCaptcha (Arkose)
  • GeeTest (v3 and v4)
  • Text and image captchas
  • and many others (see 2Captcha’s full list)

Common Errors

  • taskId missing → check your API key or request JSON
  • Always processing → the captcha may be invalid or expired
  • failed status → retry the task

Final Notes

With this method, you can automate captcha bypass inside Burp Suite — whether you’re doing auth fuzzing, registration testing, or scripting Repeater flows. No more copy-pasting captcha tokens manually.

Need to cut costs? You can also use SolveCaptcha — a cheaper API-compatible alternative with similar results.