Burp Suite User Forum
Hi, we have an internal setup where we use SmartCards for Authentication. In Burp 1.7 this worked like a charm but somewhere after the 2.0 upgrade something broke. At the last step (where you enter your PIN code) the...
Hi, I am not getting any response back from one of the lab exercise link "https://acf11fe21f086c81803b383000780037.web-security-academy.net" when i am forwarding the intercepted traffic from burp back to this link. The...
I've noticed on a number of engagements recently that I haven't been able to log in to certain sites (sensitive so unfortunately can't share). Generally if I click login nothing will happen. Browsing the rest of the site...
In the latest 2020.1 version running on macOS installed with the .dmg installer and/or updated with the updater, the "Convert selection" menu item will not let one convert the selection inside the read-only request/response...
Hello Team, We have triggered scan from Burp Enterprise. On IE, Edge or Firefox browser when we click the 'Site' from Scan Dashboard it opens Scan details page. There the details are seen overlap on these browser. It...
Hi, While using burp 1.7.37 on Windows I noticed that the "Date Modified" field is not being updated after closing Burp Suite. I use version control system to upload the latest version of burp file to a repository and it...
Love the dark theme, but I think it's missing a small component. When using the dark theme, in the Burp Collaborator Client, buttons do not switch or change when I click them (lighter or darker would be fine). Simply put,...
Hi, I noticed that editing a file upload request in repeater modifies the content of the file. To reproduce the issue, intercept a file upload and send to repeater. Then add a character in the editor and delete any...
Under HTTP history the time of all requests are one hour late from the actual time. From diagnostics I can see "user.timezone America/Sao_Paulo" which is right. I believe this is a bug related our summer time which has...
Lab doesn't seem to be working for me, even when I follow the solution. Getting timeout errors. This is what I'm trying to use, host url is correct, target is correct, update content length is not checkmarked, and keey...
Hi I've set up an HTTP header replacement rule in Proxy > Options > Match and Replace and it works OK when looking at an intercepted request in the Proxy > Intercept > Raw window. However, when I forward the request and...
There is a bug in section 'Exploiting blind SQL injection by triggering conditional responses', page https://portswigger.net/web-security/sql-injection/blind. Initial query is SELECT TrackingId FROM TrackedUsers WHERE...
Hi, I have scanned same application in Burp Professional v2 and Burp Enterprise Edition v1.0.15beta but as per the reports Burp Pro is missing in HIGH Severity i.e. SQL issue in report whereas Enterprise Report is...
Any pieces of the puzzle that can be found?
same issue using the dmg installer or jar file directly Exception: java.lang.ClassCastException: class com.install4j.runtime.beans.actions.misc.LoadResponseFileAction cannot be cast to class...
Hello, in the HTTP version of Repeater, clicking on the 'Send' button (or using the corresponding hotkey, here 'Ctrl + G') sets the focus on the request editor. However, the exact same action in the WebSockets version of...
Hello Team, We are scanning one application from Jenkins using plugin: Burp Scan. If we scan the application from Burp Enterprise then scanning is happening, where as when we try to scan same application from Jenkins...
Hello, I've a vulnerable Web application where injection inside an AngularJS 1.0.0 context is possible. That leads to a XSS via {{...}}, that is easily exploitable. I know that, at some point, Burp Suite managed to...
Hi, We have one of the clients requesting for document sign off, Can you please clarify the attached for Burp Suite Pro? Is there any partners who can deliver the training on this tool, can you please connect to...
Hi! Creating a new ticket given that the previous one 1) doesn't in my cases 2) isn't very clear https://support.portswigger.net/customer/en/portal/questions/17690810-false-negative-in-angularjs-xss- Burp Suite will...
Page 107 of 142
Your source for help and advice on all things Burp-related.