Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

File Signature Bytes

Hello, I'm a user of Burp Suite Community Edition only. I'm testing by sending a request include a file with Content-type:multipart/form-data. A problem occurred if the file was manipulated by adding a JPG signature...

Last updated: Nov 01, 2023 10:48AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Browser header sec-ch-ua is empty causing all requests to be blocked

Just installed Burp Pro v2023.6.2 Opened Browser and every request to my company's sites are rejected. We use a WAF that blocks requests containing empty header values. The header being sent with no value is...

Last updated: Oct 30, 2023 01:08PM UTC | 2 Agent replies | 0 Community replies | Bug Reports

File search and buttons don't work

I'm currently using the latest stable version of the Windows Desktop version. For some reason, whenever I'm trying to select a wordlist in Intruder or a session file, it doesn't work and all buttons loose all...

Last updated: Oct 30, 2023 09:45AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Internal browser forces HTTPS after update

Hello! I am using the internal browser in Burp Suite, and after updating the community edition to version 2023.10.3.1 the browser forces HTTPS when I try to go to a HTTP site, and I get the error message "Unsupported or...

Last updated: Oct 26, 2023 03:58PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

CSRF value = null when Request sent thru Burpsuite

When I send a request in the Repeater or Intruder, the CSRF Token in the Response show value = Null? However, within the History Tab of the Proxy, the CSRF value show the actual value. But in the Repeater, Macros, and...

Last updated: Oct 26, 2023 03:49PM UTC | 4 Agent replies | 3 Community replies | Bug Reports

Enterprise Edition 2023.9.1 scans running days and failing

Since the update to 2023.9.1 scans that would take less than an hour are taking days and failing. No changes were made to the applications being scanned and no configuration changes were made to scans. CPU usage is at 100%...

Last updated: Oct 26, 2023 03:11PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

wiener:peter not working in Lab: User ID controlled by request parameter with password disclosure

Hi, I am unable to complete this lab because the login credentials I was provided, wiener:peter, is not working. I believe that this lab needs to be reset.

Last updated: Oct 26, 2023 09:34AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Basic clickjacking with CSRF token protection can't be solved

https://portswigger.net/web-security/clickjacking/lab-basic-csrf-protected I have tried with firefox and chrome.I am doing exactly what the solution says and I have also watched the community solutions.But none of them work...

Last updated: Oct 26, 2023 08:24AM UTC | 4 Agent replies | 5 Community replies | Bug Reports

Failed to create burp project cannot parse null string - Burp Suite Professional

os: windows 10 version: burp suite Burp Suite Professional v2023.10.2.3 / installed version of Burp error : An error occurred when starting a project with the selected options. Failed to create Burp project: Cannot...

Last updated: Oct 25, 2023 02:45PM UTC | 2 Agent replies | 3 Community replies | Bug Reports

Lab: Exploiting NoSQL operator injection to extract unknown fields

Hello, I post in bug reports because I dont know what else to do XD Is the lab mentioned in the subject working as intended? I have tried four times, if not more, to solve this lab and everytime I try to change the...

Last updated: Oct 25, 2023 07:16AM UTC | 4 Agent replies | 3 Community replies | Bug Reports

I accedentally deleted wiener account.

I accedentally deleted the wiener account while testing my exploit in "Basic clickjacking with CSRF token protection" lab. After I read the solution, I learned that the lab would be reset after 20 minutes but now it's not...

Last updated: Oct 23, 2023 01:43PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Network is unreachable when connected to the internet via Apple USB phone. Burp proxy works normal when using normal router

Hello, I'm having problems using burp when I use my mobile data for testing but not problems at all when using the normal router connection. How do I configure?

Last updated: Oct 23, 2023 11:52AM UTC | 2 Agent replies | 3 Community replies | Bug Reports

xss labs

when i finish the lab and call the alert/print function like mentioned in lab description it works but the lab wont trigger and it will stay as "not solved"...

Last updated: Oct 23, 2023 11:11AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

SQL injection vulnerability in WHERE clause allowing retrieval of hidden data

I believe this sql injection vulnerability can be solved without burp. e.g., just replaying the request with the payload via the browser: https//....web-security-academy.net/filter?category=Tech+gifts%27--%20 However, the...

Last updated: Oct 23, 2023 09:50AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

"Lab: Exploiting cross-site scripting to capture passwords" has trouble

When I inject the payload, it does not run for a long time, and there is no request from the victim send

Last updated: Oct 23, 2023 08:36AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

can't access any labs

Every time I click on "Access Lab" in any Academy course, I get an error "bad request". I've tried multiple browsers. I'm not using a VPN or proxy.

Last updated: Oct 23, 2023 08:01AM UTC | 1 Agent replies | 2 Community replies | Bug Reports

Cant download Burp Community Edition

The link to start download Burp Community Edition not working!!!

Last updated: Oct 23, 2023 07:41AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Burp-Enterprise scanning pool error on edit details v2023.9.1

Hi Burp-Team, I noticed an error when editing an existing scan configuration. If a scanning pool was previously assigned to a page and someone wants to add for example headers later the scanning pool is automatically set...

Last updated: Oct 20, 2023 11:25AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

I have just installed burp enterprise v2023.10.3 but still getting install updates for lower version

As stated in the subject, after installing the v2023.10.3, I got a pop-up to update my burp instance to "Burp Suite Professional Edition 2023.10.2.2-24102"

Last updated: Oct 19, 2023 11:56AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

burp suite seems to be broken.

Hi team, burp suite seems to be broken. screenshot : https://ibb.co/h2WcVjH version : v2023.10.1.2 JDK version : 17.0.8 I tested it in the latest version of java (JDK 20) and the same corruption happens. any...

Last updated: Oct 19, 2023 08:17AM UTC | 4 Agent replies | 4 Community replies | Bug Reports

10 11
12
13 14

Page 12 of 143

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image