Bug Reports - Page 102 - Burp Suite User Forum

Lab: DOM-based cookie manipulation

In this lab this solution can work also and it's easier than the one in help...

CORS issue not highlighted by Burp

Hello, I have an application which for some requests returns Access-Control-Allow-Origin: * Access-Control-Expose-Headers: x-filename I have active scanned the request with Burp but it doesn't report the CORS issue...

Getting scan results from API

Hi! I use Burp Suite Professional 2020.9.1. The API works nice, besides that I supposed that using API I will be able to get scan results that were committed from GUI. Requests for these scan results returns an empty...

After opening Burp in MacOs screen my whole screen turns black

After opening the Burp Pro in Mac for few seconds my whole screen turns black and am not able to do anything. Not happening with any other application. Is it an issue with my Burp version or something else, thanks!

download burp suite community edition not working MacOSX

I've been trying to download Burp suite community edition but its not downloading cause every time I do it it doesnt do anything please help

Intruder missing remove request from results

Hi, with the newest version of Burp v2020.9.2 it seems that Intruder no longer has the functionality to remove requests from result. Could you please re-implement it in the next releases? Many times I'm using Intruder and...

no trafic received

hi. I have a severe problem with the BURP - it has no traffic from the sites being tested. If I open the Site map tab in Target, or the HTTP history tab in pro-xy, I see nothing. I get alerts that the problem is with the...

Sequencer crashes JRE

Lately I've experienced crashes of the entire Burp process when using Sequencer: OS: Once on macOS and once on Windows verison: Burp Pro 2020.9.1 Extensions: On Windows there wasn't a single extension installed I've...

Burp Timeout

I recently noticed my scanning runs an increased timeout in Active phase 1: Sometimes followed by this message the client failed to negotiate a TLS connection to xxxxxxx.com:443 Remote host terminated handshake And...

Basic clickjacking with CSRF token protection

hi I use the exact same solution as in the guide, and i use chrome, but the problem remains unsolved

Parameter 'search'

LABS: Reflected XSS into HTML context with all tags blocked except custom ones No parameter 'search' when intercepting request

Unable to Apply License

Hi Support, Good evening I recently downloaded the enterprise version of the burp suite however after completing the installation I am unable to apply the license key file. I would love your assistance to have this...

Strange behavior of proxy's "save item"

I try to debug some android app. It send some thrift packets, so body looks like encoded. Unpack gzip/deflate in requests/responses does not change anything, so I assume there are no gzip encoding during https. But when...

web cache poisoning lab does not cache my response

i did everything as stated in the solution yet my response didnt get cached. GET / HTTP/1.1 Host: accf1f231fabbe8c801e0f8d00fd0017.web-security-academy.net X-Forwarded-Host:...

Burp errors out when we try to start and create a new project

Hi Guys, Could you please let us know why Burp suite tool is throwing an error and ends the session. We have started using burp after few months and we renewed our license today. Here are more details: It died with...

SQL Injection Database Version : Labs

Hi In SQL Injection Lab to Find the version of Database , ideally one would need to identify number of columns in the table. For this purpose the default DUAL table is used in Oracle. However without using the DUAL Table...

Burp enterprise (graphql api) always returns 0 on site's parent_id when querying the scans

Hello, When querying the scans or getting a single scan, when checking the folder to which a site belongs, it always returns 0 (ROOT) folder. Example: query getScans { scans { id ...

Embedded browser not working on windows 10

Hello I have the latest version of burpsuite pro 2020.9.2 with openjdk 14 GA (build 14+36). Embedded browser never worked. I'm using the binary version and not the plain jar file. The embedded browser health check output...

for the maintainers of burp.gkp

When BS is opened from terminal these errors show up only in the terminal, I don't see these warnings in GUI and don't know how they effect functionality as I just noticed them today Your JRE appears to be version 11.0.8...

Error during installation

Sir I want to install burp suite but I got some error which says A JNI error even I upgrade java to 14.0.2 but not successful to install also I tried that java file to linux but same error Please help