Burp Suite User Forum

Login to post

Latest posts

Exploiting NoSQL operator injection to extract unknown fields -- What am I missing?

I found a hidden field and (after a lot of effort) extracted what would seem like a key value for said field... but for the life of me, can't figure out how on earth to use it... tried putting into header, cookie, using it...

Last updated: Sep 27, 2023 02:31AM UTC | 0 Agent replies | 0 Community replies | How do I?

Believe there is a bug in the Exploiting NoSQL operator injection to bypass authentication web academy

Have confirmed can use NoSQL injection to login as wiener (injecting on username, password, or both)... but when attempt to login as administrator (or any other account), get a 500 error (unexpected # of results found). ...

Last updated: Sep 26, 2023 11:42PM UTC | 0 Agent replies | 1 Community replies | Bug Reports

issue with 'add to sitemap' function

earlier on this year i was having issues with adding requests to sitemap under via the Repeater... Support told me then to please 'add to sitemap' using via the Logger. that worked well but now i am having another issue. the...

Last updated: Sep 26, 2023 02:33PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Version 2023.9.1 and 2023.10.2 does not include <vulnerabilityClassifications> in the xml and html reports generated using sparky

Hi team, We upgraded Burp recently to 2023.9.1 and then to 2023.10.2, and found out that these versions are not returning vulnerability Classifications details in the xml and html reports. We have automated the report...

Last updated: Sep 26, 2023 01:47PM UTC | 3 Agent replies | 2 Community replies | How do I?

use burp rest api to automate the scan and generate report!

Hi, Currently we run automated security scans with zap by proxying our e2e tests. We want to try out burp suite and pick the best. I was not able to find much support on how to access the rest api documentation and how use...

Last updated: Sep 26, 2023 01:45PM UTC | 4 Agent replies | 3 Community replies | How do I?

Understading the Export Feature

Hello, I was wondering when i export all requests in a burp session to XML, i get the request and response, does it also contain the Tampered requests ? Additionally, how can i export all repeater requests ? Thanks.

Last updated: Sep 26, 2023 01:02PM UTC | 3 Agent replies | 2 Community replies | How do I?

BurpSuite Professional v2023.1.2 unable to connect to https://www.google.com

Just freshly installed Burp Suite Professional version 2023.1.2 Launched built-in web browser from Proxy -> Open browser. Tried to connect to https://www.google.com and received No response received from remote server....

Last updated: Sep 26, 2023 12:53PM UTC | 3 Agent replies | 3 Community replies | Bug Reports

Dark Mode for Web Security Academy

As a learner we have to spend a lot of time spending time reading on Web Security Academy. Therefore, it would be very convenient if we had an option of dark mode too.

Last updated: Sep 26, 2023 12:49PM UTC | 9 Agent replies | 17 Community replies | Feature Requests

Unable to access labs while proxy on(intercept off), everything except labs works fine

Hey, I am recently facing this issue on port swigger labs only. I am unable to access the labs while turning on my proxy. I tried to solve it using regenrating ca certificates, and few more things. But none works....

Last updated: Sep 26, 2023 11:47AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Suite Pro automatically closing out

Hi Team, My Burp Suite Pro Crashing out while Crawl and Audit, even on active scan also. I have updated recently after that this issue is coming before that it was working fine. Could you please advice .

Last updated: Sep 26, 2023 10:36AM UTC | 2 Agent replies | 1 Community replies | How do I?

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image