Burp Suite User Forum

Create new post

Latest posts

Bringing New Life to Burp Suite

Dear Portswigger Team, I hope this message finds you well! I wanted to make a humble request regarding Burp Suite 1.7.37. Although this version is a bit outdated now, it remains my (and many others') favorite...

Last updated: Oct 09, 2024 05:46AM UTC | 0 Agent replies | 0 Community replies | Feature Requests

Content-Length is update even "Update Content-Length" option is unchecked

In the repeater, Content-Length header is update even the "Update Content-Length" option is unchecked, I found this when I follow the lab "HTTP request smuggling". When check with the Logger show that Content-Length is...

Last updated: Oct 09, 2024 05:01AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

How can I confirm the current users who assigned to my Burp Suite Professional Licenses?

I have two user-licenses of Burp Suite Professional. I have assigned a person to a license of Burp Suite Professional. Now I tried to assign a new person to the license. But I couldn't do with following...

Last updated: Oct 09, 2024 02:18AM UTC | 0 Agent replies | 0 Community replies | How do I?

Exploiting NoSQL operator injection to extract unknown fields -- What am I missing?

I found a hidden field and (after a lot of effort) extracted what would seem like a key value for said field... but for the life of me, can't figure out how on earth to use it... tried putting into header, cookie, using it...

Last updated: Oct 09, 2024 01:15AM UTC | 3 Agent replies | 9 Community replies | How do I?

Community version will not open the built-in browser

I have a VM with Linux distro on it and I installed Burp community and the first thing I did was select the open browser button from the proxy tab, it did not open. I then configured settings like my safari browser settings...

Last updated: Oct 08, 2024 10:50PM UTC | 3 Agent replies | 3 Community replies | Bug Reports

Lab "Clobbering DOM attributes to bypass HTML filters" is not getting solved

Below exploit is working for myself and getting the popup but when delivering this to victim then lab is not getting solved. Payload: <form id=x tabindex=1 onfocus=alert(1)><input...

Last updated: Oct 08, 2024 08:39PM UTC | 0 Agent replies | 3 Community replies | How do I?

LAB "Reflected XSS into a template literal with angle brackets, single, double quotes, backslash and backticks Unicode-escaped" is not getting marked as SOLVED

I am injecting below XSS payload and getting the popup with domain mentioned in it. https://0a36008e04cdc01a80cec72700990053.web-security-academy.net/?search=test%20${alert(document.domain)} Also, tried with...

Last updated: Oct 08, 2024 08:02PM UTC | 1 Agent replies | 1 Community replies | How do I?

Turbo Intruder Headless Error

Good evening, I wanted to run the Turbo Intruder extension in headless mode using only the .jar file. I’ve cloned the repository provided by James Kettle on his GitHub, and I’ve built the source code via the ./gradlew...

Last updated: Oct 08, 2024 04:25PM UTC | 0 Agent replies | 0 Community replies | Burp Extensions

Academy Progress Reset

Hello :) Can you please reset my progress on the labs and learning materials?

Last updated: Oct 08, 2024 01:55PM UTC | 34 Agent replies | 40 Community replies | How do I?

Burp Suite Extension no longer supported by Chromium and is disabled

I upgraded my Burp Suite this morning, and upon reopening the Burp browser, I got a message stating Burp Suite was turned off. When viewing the extension in My Extensions, it has a red exclamation mark and says, "This...

Last updated: Oct 08, 2024 01:14PM UTC | 2 Agent replies | 3 Community replies | Bug Reports

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image