Burp Suite User Forum
While attacking with Intruder, most of the times we need to change the threads, check the Grep-Match box or many other things in the Options tab. When we do this on the live attack the below annoying popup window...
While crawling, "Session handling tracer" shows the requests but it shows empty responses. I want to be able to see the responses.
Hi folks, Finding this one a little tricky to solve. Burp stopped working on my OSX system recently. I run it from the command line with something like: java -Xmx1024m -jar burpsuite_pro_v1.6.18.jar I get the...
Hello, like on subject, can't login on my account on another computer. I Didn't see any restrictions to login on another systems, can you help? Thank you,
I found a strange bug. Sometimes the stderror location of my extension in the "Errors" tab ("Extender" -> "Extensions") suddenly changes his value, from "Shown in UI" to "Output to system console". This behaviors can hidden...
[Burp Pro v2.0.04beta]Hello! While I'm trying to save project file I am getting following error: "Unable to save project data to the file /../../../../projectname.burp: null" I don't know how to see the full error trace. I'm...
I send Request many times but there was no response It is showing Waiting... Forever, What shoud I Do
Hey all, I have been trying for days to get NTLM authentication to work with Burp. I've tried multiple browsers and find that Burp will not proxy NTLM requests at all. When authenticating manually through the browser I...
According to RFC3986 section 2.2, square brackets ('[',']') are reserved characters. Burp doesn't percent encode these characters when using the Ctrl+U hotkey, and one can observe Scanner payloads that don't have these...
i recently got the alert of reflected XSS with confidence certain because "vbscript:msgbox(19301293)" was injected inside a <a> tag, in the href part. I wasn't aware vbscript could be injected there. the thing is that,...
Hi friends! I read all articles and mark them as "Completed" a month ago. However, after some updates, I found that my progress right now is 30% even after I mark new posts with the "Completed" checkbox. What I must do to...
my browser unable to connect *any* websocket while working with burp I also tried changing my browser. I'm getting this error on firefox (similar messages in other browsers): "Firefox can’t establish a connection to the...
I've been using Burp Suite on my Ubuntu computer for a couple of months, but for some reason it has stopped working. I don't know why - I was using it, then it crashed, stopped working, and since then I haven't been able to...
Version: Burp Professional v2020.2.1 Issue description: while having the out of scope Proxy history logging disabled, with the scope defined as follows (the IP address was changed): In scope: Enabled: yes Protocol: HTTPS...
Link: https://portswigger.net/web-security/cross-site-scripting/contexts/lab-some-svg-markup-allowed This lab is not accepting the expected solution. (yes I tried on chrome win/linux)
I went to solve the following lab:"Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft". And everything I did didn’t work, when I went to see the solution what I did was correct and still...
Hi, My security analyst created a REST API user for me. I logged-in to Burp Enterprise REST-API and tried to use the 2 REST-API GET queries, these GET queries are working fine. The problem is with POST query. It does...
Hi team i would like to know that my CSRF and CORS Labs are not functioning properly.Let me explain this in detail I was trying Simple CSRF lab and i made CSRF POC using both solution and also and CSRF POC generator provided...
Greetings, I have a web application that is configured to use pkcs11 Smart Card authentication. When I browse to the application and authenticate via the standard mechanisms, I gain access to the application without...
Using the match/replace in proxy no matter what I do I keep getting Content-Length added for example Content-Length: 1122 even when I create response find/replace for Content-Length: \d+ /aaaaaaaaaaaaaaa I just end up with 2...
Page 102 of 142
Your source for help and advice on all things Burp-related.