Burp Suite User Forum
We found a that Burp Suite it doesn't test response splitting vulnerability. For example: www.example.com/about.php?date=%0D%0ATest%3A%20no If the HTTP response get the additional header "Test: no" should be...
Hello, The Burp Extender API JavaDoc link (https://portswigger.net/burp/extender/api/index.html) currently returns a 404. Thanks, Robbie
Dear Sir, we identified a missing identification of Blind SQL injection on some specific parameter. The SQL injection is presented on a single parameter of a POST request. Like par=pluto par=pluto -> result...
Hello, I have an application which (by design) logs the user out (by redirecting to login page) when inputs don't have a valid value. I need to use the Session Handling to re-login. The log out detection in Burp is...
Hi guys, First off, keep up the great work and I hope to meet you guys in Vegas for DC. I have a small issue with BurpSuite due to the way my plugin is making calls between the FX and Swing thread. I understand FX is not...
Hi again, I am experiencing a strange race bug(?) in the Intruder result output window. For some reason, when viewing an HTTP response in a custom IMessageEditorTab, the .getRequest() and .getResponse() methods return a...
There is a mismatch in the Collaborator External Service Interaction (DNS) between the URL inserted in the attack vector and the DNS request that Burp collaborator display in scanner result. One example...
Hello, I am trying to use BurpSuite_free_V1.6.01 with jdk 1.7.0_80 with the accessbridge enabled so I can use the JAWS screenreader with it. After starting burpsuite and opening firefox 31.1.1 which has been configured...
Hi, Not sure this can be considered as a bug but the feature needed to be improved. I launched the burp from cmd command line ( java -jar etc ) to increase the RAM allocation for the software. At one point, I accidentally...
I noticed the Contents View in site map sometimes does not pick up specific resources under certain conditions. Ex : An item has been identified during a spider scan as a GET request to /content/script, gets added...
I recognized that the URL in Target, Site map is different from the URL in the Request, Raw window. Here is what is shown in the Site map window right above (list of all URLs): https://www._something_.com/ - GET -...
Trying to restore state on Burp Pro 1.6.18 the following exception occurred: java.lang.IndexOutOfBoundsException: Index: 3, Tab count: 1 at javax.swing.JTabbedPane.checkIndex(JTabbedPane.java:1768) at...
Hello, we are experiencing problem with stored macros in Option -> Sessions. Macros work fine immediately after being recorded. But after some time (even days), stored Requests become invalid and empty - full of...
I have a toy Python extension that simply prints out all command-line arguments, and calls exitSuite if there were any to print. About 50% of the time that I run Burp Suite from the command prompt, there is no output and...
Whenever I restore a state file, it loads extensions multiple times. Burp 1.6.18, Java 8u45. Screenshot: https://imgur.com/sQ9EnMp
Hi, when I set up custom keyboard shortcuts in Options:Misc:Hotkeys, they do not work in windows I detach using the Window:'Detach XY' submenu. Regards, igor
Hi, I think I may have discovered a small bug with the concrete implementation of the IScanQueueItem returned by the doActiveScan methods. When I try to access a method, I get the following error: Exception in thread...
Hello, There is a bug in IRequestInfo.getUrl() that is related to how the hostname is retrieved. Currently getUrl() uses the hostname specified in the target options instead of the Host header in the HTTP request....
Hi, Whenever I run Burp Suite on my system it prints following message and goes headless (no splash screen even). If i delete .java/.userPrefs/burp folder, then it even prints the license agreement on the...
Hi, When I add a proxy listener on Proxy / Options / Proxy Listeners, I can't see the added listener on Burp GUI. So I can't edit or remove it with mouse cursor (cursor keys can help the scene). Burp Suite...
Page 140 of 142
Your source for help and advice on all things Burp-related.