Burp Suite User Forum

Create new post

Latest posts

Burp Suite Enterprise Timeout

I have noticed scans failing due to too many consecutive "crawled location no longer reachable" errors that happen to align with increased latency on the server being scanned (Latency is not tied to the scanner running)....

Last updated: Feb 27, 2024 03:59PM UTC | 0 Agent replies | 0 Community replies | How do I?

Cannot adjust severity ratings for Burp Enterprise

I am unable to find a way in the UI to change the severity ratings. It would be beneficial to have a way to adjust a rating depending on the validation of a finding manually.

Last updated: Feb 27, 2024 03:25PM UTC | 9 Agent replies | 8 Community replies | Feature Requests

PortSwigger Lab: Web cache poisoning with an unkeyed cookie

Having the same issue with Webcache Poisoning - unkeyed cookie. Have managed to trigger the pop up on the site whenever a viewer loads homepage, but the automated user who is supposed to visit the site never does. Not...

Last updated: Feb 27, 2024 02:03PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

solved lab is showing not solved

i've succesfully sovled the lab Method-based access control can be circumvented but it shows that i dint solve it when i am redirected to the homepage

Last updated: Feb 27, 2024 01:50PM UTC | 27 Agent replies | 60 Community replies | Bug Reports

How do i get my lab as solved?

Hi, Im a newbie and im doing the first few labs. Im doing the "SQL injection vulnerability allowing login bypass" in BURP Suite and have managed to resolve it but it is not setting it to 'Solved'. Im using The BURP...

Last updated: Feb 27, 2024 01:44PM UTC | 1 Agent replies | 0 Community replies | How do I?

Forced OAuth profile linking

The official solution includes instructions to create an iframe in the exploit server in which the src attribute points to the /oauth-linking... URL. However, the /oauth-linking response includes an X-Frame-Options:...

Last updated: Feb 27, 2024 01:40PM UTC | 4 Agent replies | 4 Community replies | How do I?

DOM Based XSS

I am doing a penetration Testing of an application. Burp shows it is vulnerable to DOM based XSS. Basically I went to source code page in a browser and on inspect element I have entered an XSS payload in...

Last updated: Feb 27, 2024 01:40PM UTC | 0 Agent replies | 0 Community replies | How do I?

Reset all my labs and progress

How i resrt all my labs and progress to solve them again ?

Last updated: Feb 27, 2024 01:12PM UTC | 64 Agent replies | 73 Community replies | How do I?

Authenticated Scans on Appication with 2FA login

Hi Team, I wanted to if application have 2FA(login and OTP) how to configure Burp Enterprise for the same. I can only see authentication with simple username and password field to add in auth configuration in...

Last updated: Feb 27, 2024 09:19AM UTC | 5 Agent replies | 4 Community replies | How do I?

Dark Mode for Web Security Academy

As a learner we have to spend a lot of time spending time reading on Web Security Academy. Therefore, it would be very convenient if we had an option of dark mode too.

Last updated: Feb 27, 2024 08:43AM UTC | 18 Agent replies | 26 Community replies | Feature Requests

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image