How do I? - Page 2 - Burp Suite User Forum

Cookie misconfiguration

I am getting cookie when loading login page, as below in burp REQUEST:- cookie: visitor=531543254325423654236 like above. so now question is whether above cookie is vulnerable or not whether i can report it to developers...

Reset labs

Can you please reset my all labs?

Reset Academy Progress

Hi, Any idea how can I reset my Portswigger academy progress? I would like to start from scratch. Thanks.

No More Activations Allowed

Hi Team, We have purchased two licenses, for one license I could see No More Activations Allowed which might be because of my multiple activation attempts on my machine [issue my IT environment new software installation...

Beginner-first Lab- Excessive trust in client-side controls

When I have "Intercept is on" toggled, the page will not load. If I toggle to "Intercept is off" the page will load. I've tried it several times and each time it just hangs and will not load the page or return any response...

Lab - Exploiting Java deserialization with Apache Commons

Hi! I'm trying to solve this lab (Exploiting Java deserialization with Apache Commons) but i can't. First, i tried with ysoserial (like in the description of the lab is told) but when i send the request i get a 200 Ok...

Facing problems with CORS module labs

I'm trying to achieve the CORS module labs but something seems wrong with them. For example, in this (https://portswigger.net/web-security/cors/lab-basic-origin-reflection-attack) face the following issues: - My...

burpbrowser missing in /var/lib/BurpSuiteEnterpriseEdition

I was going through this page https://portswigger.net/burp/documentation/enterprise/user-guide/reference/browser-powered and noticed this "Burp's browser is installed to Burp Suite Enterprise Edition's data directory. By...

Linkage error - can't open burp

I get this error message upon opening burp Error: LinkageError occurred while loading main class burp.StartBurp java.lang.UnsupportedClassVersionError: burp/StartBurp has been compiled by a more recent version of...

NTLM authentication problem

Hi, I am trying to access an internal application with NTLMv2 in burp's browser but I always get login prompt followed by a 401 error. I installed Burp Suite Professional v2024.3.1.3 and added platform authentication...

Trying to find shadow

Hi, I am beginner in sec and I was doing the first lab: https://portswigger.net/web-security/file-path-traversal/lab-simple and I tried to get /etc/shadow, but file not found. Is it intentionally prevented to be found or...

Enterprise Edition: Unrecognised field in config file section: platformAuthentication

Hi team, Our team is using the CI-driven scan feature of the Enterprise Edition integrating Jenkins and we are currently facing "Unrecognised field in config file section: platformAuthentication" when we try to perform...

Unable to open Burp Browser

Iam unable to open Burp Browser from the burp suite community edition, as iam facing the error as Burp Browser Error, java.io.IOException: cannot run program and it is saying that system cannot find the file specified.

Unsupported or unrecognized SSL message

I have been trying to scan some of CTF challenges but whenever I try to use chrome in Burpsuit to scan, I get this message: "Error Unsupported or unrecognized SSL message" I've tried to import the CA certificate in...

Burp Localhost

Hi everyone, I'm stuck! I looked online and nothing works. What I would simply like to do is start my python program from shell which connects to browser localhost 127.0.0.1:8080 from code and use burp to try to find...

Load a saved item (e.g. request)

Hi! This might be a basic question, but I recently saved a bunch of requests and I would like to load them back into the repeater for example or just otherwise be able to share them in a human readable format with the...

reset progress of api

hello portswigger team reset my progress of api testing

Lab seems it doesn't work

Hi, This following lab doesn't work as expected. https://portswigger.net/web-security/web-cache-poisoning/exploiting-implementation-flaws/lab-web-cache-poisoning-unkeyed-query In this lab the response is expected to...

Burp Suite Enterprise is not accepting URL's with Query parameters in the In-scope URL Prefixes.

In FE Fundinfo, we utilize both the Professional and Enterprise editions. However, we are currently experiencing challenges in the Enterprise edition regarding the inclusion of URLs with query parameters for scanning. Could...

Burpsuite professional "No more activations allowed for this license"

Hello there, If possible, can I have activations for my license reset? Thank you, Hasnain