Burp Suite User Forum
I've been using Burp for about 2 years, and Burp has been great at reporting XSS on our websites. It does not report it via normal scanning (1.x), it would report the issue if i found a XSS manually using proxy intercept....
No IPv6 support for any of the collaborator infrastructure: burpcollaborator1.portswigger.net has address 52.16.21.24 burpcollaborator2.portswigger.net has address 52.16.107.92 Knowing an ipv6 source address for...
A large number of our app testing consultants at SecureWorks have noted that NTLM authentication stopped working once we upgraded past Burp v1.7.23. We have had to downgrade versions to get things working smoothly with NTLM,...
When performing a Crawl+Audit or Crawl, Scan details > Detailed scope configuration > Included URL prefixes, changes are saved if typed manually but not if populated by "Select from library". The url list appears correctly...
Hi, image file (jpegs) downloaded with the response header Content-Disposition: attachment does not have a render tab in the new version of Burp. This means that you cannot see the images within Burp. An example response...
I am using the newest Burp version 2.1.01 on Microsoft Windows and want to use a hardware token / smart card for authenticating with a client SSL certificate. The PKCS #11 library is successfully found and loaded, but...
Hi, We're running Burp Suite Enterprise v1.0.15beta and use the HTTP API to register sites for scanning during nightly builds. The sites are registered based on endpoints extracted from swagger files (OpenAPI) and...
Hi, it's just a question and also a bug reports. I've noticed that in Burp v2 some api for extension were changed. and i've noticed this in Active scans phases. Many extension active scans fail to execute. Is there...
To pentest applications using Belgian eID smart card identification and Burp Suite Pro, we import the Client SSL Certificate under the 'User Options'-tab > 'SSL'-tab by clicking the 'Add' button and selecting 'Hardware token...
This is being reported as Client-side JSON injection (DOM-based). The value injected does not match the value that is reported as reaching the sink. Dynamic analysis Data is read from input.value and passed to...
An internal error occurred while launching Burpsuite jar and exe on windows machine even i tried re downloading but not working. Burpsuite 1.7.35 is working but not 2.1.*
intercept on,get https requests(A),send to repeater(B),in [Repeater] click [go],response status code:411.Now,in [Proxy] click [Forward],its work,in [HTTP history] response status code :200.Last,in [Repeater] click [Copy...
Hi, A small bug it seems. When creating a report, in the reporting wizard window, when customising the report title and entering a title starting with the same letters/words that you used for previous reports, you will...
When Burp's REST API issues a PUT request to the callback supplied to /scan, Burp does not set the Content-Type header. This causes issues when trying to integrate various tooling, such as ASP.NET Core 2.0. The platform...
<script>alert('hi')</script> <script>alert('hi')</script>
I currently use Chrome with SwitchySharp extension for Proxy or firefox with proxysetting into firefox. Everytime I try to catch traffic comming from localhost, it does not work. I must add an host to my etc/host to test...
lsof, netcat, telnet, google and your support forum haven't been me friends so far. Maybe I missed an announcement... why is burp 2.x opening a second listening port? I noticed that burp is not only listening to port...
Hi there, We've noticed a strange Stack trace when an extension is loaded while another extension is already loaded. In this case I had the UploadScanner extension already loaded and then tried to load the Stepper...
Hello, I performed scanning of web application using Burp Professional and Burp Enterprise separately. Currently the application is not available for scan outside the client environment. Burp Professional Version:...
Hi Burp, Using the new darcula theme of Burp pro, it seems that when being prompt for either: - Temporary project - New project on disk - Open existing project the "Choose file" buttons of that window are not...
Page 112 of 140
Your source for help and advice on all things Burp-related.