Burp Suite User Forum

Login to post

BurpSuite Professional on Kali (ARM) running on MacBook Pro with M1 processor

Hello, I am trying to run my BurpSuite Professional licensed version on a MacBook Pro with M1 processor but I receive error: Unpacking JRE ... Starting Installer ... ./burpsuitepro.sh: 598:...

Last updated: Jun 11, 2021 07:04PM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Division by zero while loading a saved project

I am using v2021.5.2 and loading a project written with it. Unfortunately the project has a fault and keeps reporting division by zero at every load. Is there something I can do to fix the project file? The...

Last updated: Jun 11, 2021 09:23AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Burp Suite Professional - Error Connection Reset

I am experiencing a connection reset error intermittently, it seems, when trying to rn injections on the SQL Injection lab 'Listing the contents of a database'. I even tried following along with one of the video tutorials...

Last updated: Jun 11, 2021 09:21AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

OAuth authentication

Authentication bypass via OAuth implicit flow: this lab when i want to log into social network page the this page redrict to this kind of page: SessionNotFound: invalid_request at Provider.getInteraction...

Last updated: Jun 11, 2021 08:42AM UTC | 3 Agent replies | 3 Community replies | Bug Reports

HTTP1.1 replaced by HTTP/2 in response header?

I intent to use Burp Suite to be able to see in more detail the communication of an application I just started to develop. I am currently using Community Edition v2021.5.2. My application responds normally when I do not...

Last updated: Jun 11, 2021 08:06AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Academy Progress Lost

I recently change my email to email B and lost all my progress except for XSS labs. Then when I change back my email to email A, I still lost all the other lab progress (CSRF SSRF, SQLI,etc) except for XSS labs. Need...

Last updated: Jun 11, 2021 07:45AM UTC | 1 Agent replies | 2 Community replies | Bug Reports

Burp Collaborator can't Connect

Someone has the error The capture server hostname c7klv47kjxdhx7bg32grw89gp7vk93tlxom.burpcollaborator.net could not be resolved to an IP address. Ensure that an appropriate DNS entry exists for the server. No...

Last updated: Jun 10, 2021 09:03AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Burp Collaborator doesn't show request for DNS and HTTP

Collaborator showed request only for https://<url> If I used http://<url>, the server showed the response, but doesn't get captured in collaborator client.

Last updated: Jun 10, 2021 08:53AM UTC | 2 Agent replies | 0 Community replies | Bug Reports

Browser not opening in Professional v2021.5.2

Hello, I am currently running v2021.5.2 on windows. When I try to run inbuilt chromium browser, I am getting the following error message: net.portswigger.devtools.client.s: unable to start browser I had a look at the...

Last updated: Jun 10, 2021 08:46AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

HTTP2 Failure In Extensions / callbacks.makeHttpRequest

Hello, I'm currently using Burp Pro version 2021.5.1-7814, however I've noticed this behavior on earlier versions as well. The Proxy handles HTTP/2 traffic just fine. So does repeater. But when an extension literally...

Last updated: Jun 09, 2021 02:58PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Problem with sqlmap after burp update to 2021.4.2

Sqlmap can be run by giving --proxy https://127.0.0.1:8080 which will take alll its data through burp. However, after the recent update in burpsuite, while running sqlmap with burp proxy, getting error: [18:24:03] [INFO]...

Last updated: Jun 09, 2021 02:56PM UTC | 3 Agent replies | 1 Community replies | Bug Reports

Http2 not supported in target requests

Hi team, I was trying to scan an application supported http2. But my login macro failed. while looking through the logs, the status code of (macro request's response) is 505. The same request is successful in repeater...

Last updated: Jun 09, 2021 02:32PM UTC | 2 Agent replies | 0 Community replies | Bug Reports

Null Payloads No Longer Repeating in Intruder

I'm running the latest version (v2021.5.1). I used to use intruder with null payloads and one minute intervals, and a grep for user info to see how long a session would last after a user logged off. However, this no longer...

Last updated: Jun 09, 2021 02:26PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

[Beta v2.0.03beta] New Scan does not seem to ever finish

Hi, following up on my previous bug report. I am running the latest burp beta on a fully updated OSX and JAVA environment. I have started a new scan against 2 URLS from the same domain and towards the end of the scan,...

Last updated: Jun 08, 2021 04:01PM UTC | 5 Agent replies | 6 Community replies | Bug Reports

[Minor False Positive] Strict transport security not enforced when HTTP 30x encountered

Hi, I have several instances on the dashboard which claim to have a HSTS problem but burpsuite obviously connected to the instance before. Example of a full response header: HTTP/2 304 Not Modified Date: Tue, 08...

Last updated: Jun 08, 2021 12:48PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

XSS Cheat Sheet Copy to clipboard option does not work.

Hi guys, I am trying to use the copy to clipboard option on the XSS cheat sheet page, in order to paste the payloads on the payload tab and it seems that it is not working. I have tried it from both the guest OS and my...

Last updated: Jun 08, 2021 10:55AM UTC | 3 Agent replies | 2 Community replies | Bug Reports

Wrong lookup IP address in External service interaction (DNS)

Hi, We had recently performed Burp Suite Scan on our application and the External service interaction (DNS) was reported with Severity: High and Confidence: Certain. However in the Collaborator DNS interaction the IP,...

Last updated: Jun 07, 2021 11:03AM UTC | 3 Agent replies | 3 Community replies | Bug Reports

Password reset poisonin via dangling markup

in the step 5 they all time show me that CSRF token is invalid. Even if I follow the video tutorial the thing is same. so help me to solve the lab.

Last updated: Jun 07, 2021 10:13AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Repeater request timeout

HI i am the lab trying the web cache poisoning with multiple headers. i place the cache buster and the x-forwarded header the request in repeater the request keep timing out. i do it without cache buster and custom header it...

Last updated: Jun 07, 2021 08:34AM UTC | 5 Agent replies | 6 Community replies | Bug Reports

Request Engine

Hi! I can not see in the Intruder in the options pannel the Request Engine which enable us to change the number of threads sent. I just have an Error Handling section... I have the BurpSuite version 2021.6. Thank you!

Last updated: Jun 07, 2021 07:53AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Page 1 of 77

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image