Burp Suite User Forum
Hello, I'm not sure am i doing something wrong or why Crawl scan is not working? After i configured settings and started it, it says "Crawl finished." under dashboard. Live passive crawl from Poxry is working well. Other...
I am seeing an extremely high usage on my CPU in burpsuite. I am also seeing the RAM consumption go up to 16-17GB in a session. I am in the middle of a test of an API for a client. I can kill burp and then reload it. Then it...
When using any of the select file or select folder buttons that launch an explorer-esque window they take up to a minute to load, and navigating to different folders takes just as long. I'm on the latest win10 with burp...
I am not able to record the full application and Scan the Vuknerbaility Test --http://localhost:8080/sites can you please guide me
Need to generate the Html report with date and time
I'm trying to access the Single sign on app in a UAT environment, but I get an error in browser saying : "Received fatal alert: close_notify" In BURP alert : it says "failed to autoselect ssl parameters <URL>". Upon...
I wanted to cancel a scan that i started earlier within one of the stock configurations in the library, "Audit coverage - thorough" so i right-clicked it in the "Audit items" tab inside the task and choosen "Cancel". Some...
Steps to reproduce: 1) Install the latest burp suite beta on a MacBook laptop. 2) launch the program 3) close the program 4) attach at least one external monitor, keyboard, and mouse to the MacBook. 5) close the laptop...
I have tried with java 8 and java 12 but without luck. When i try to view response in browser from Burp Suite Professional 2.0.22beta I can't actually see the response. I click to render the response, it work but all i see...
When a JSON response is sent Burp cannot deduce the MIME type correctly if the content is: {"name " :"bla"} Instead of JSON Burp thinks the type is text. I tested several cases and it seems that the space at this...
Hi there, Burp Scanner identified a Reflected XSS with the following payload: "cjb0i"accesskey="x"onclick="prompt(1)"//b1jkc" The problem is, that all modern browsers sent the " URL encoded as %22 and %22 is blocked...
I am on Kali Linux and firefox esr is not able to browse https sites when intercept is turned on. I did install the certificate and it is still not working.
<html> <body> <p>lol</p> <a href="https://www.google.com">lol</a> </body> </html>
Hello Team, Created a Jenkins job on CloudBees Enterprise edition for Burp Enterprise edition using Burp Scan. In the Post Build section of Jenkins job used the plugin: Editable Email notification and given the email for...
Hello, I am going through the lab and I have problems to find the correct parameters for post requests. For example in "'Blind OS command injection with out-of-band data exfiltration" I do not see "email" parameter in the...
The injection is on TrackingId cookie, but it only works if you inject in a "/filter?category=" page, not in a "/product?productId=" page. It drove me crazy for a while :)
After I installed computers (agents) to connect to my enterprise server. The agents keep writing pending license. whereas my agent license covers the amount of agents I tried updating the license using the original...
It seems that the online update has some sort of built-in timeout and we are consistently hitting it and unable to update. With previous versions, the update would finish after many retries, but since v1.0.14beta we have not...
http://oa.wz.zj.cn/ctkj_acl/html/login.html the normal request data: POST /dwr/call/plaincall/FrontAction.getmobilePwdPortal.dwr HTTP/1.1 Host: oa.wz.zj.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:56.0)...
I can run scans all day long and my license is active, but I cannot view scan results of new or previous scans. This must have started happening after one of the recent software auto-updates. Please help and please develop...
Page 121 of 148
Your source for help and advice on all things Burp-related.