Burp Suite User Forum

Create new post

Academy Lost a Lab for me

I don't know whether this is a bug or not but I seems to lose a lab in Academy: 58 Apprentice labs, 168 Practitioner labs and 37 Expert labs (263 labs in total). While in Leaderboard, everyone has 264 labs done. If this is...

Last updated: May 14, 2024 08:17AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp possibly doesn't close HTTP2 gRPC connection gracefully

First of all, thank you for your great efforts to make HTTP2 available in Burp. I'm using Go gRPC example application named RouteGuide(https://github.com/grpc/grpc-go/tree/master/examples/route_guide) to check Burp can...

Last updated: May 13, 2024 12:40PM UTC | 10 Agent replies | 16 Community replies | Bug Reports

Importing OpenAPI v3.0 spec for scan - "Couldn't read the API definition. Review the definition and correct any syntax errors."

I used a private repo (hence not sharing) OpenAPI .yaml spec to augment a collection, then used redocly-cli to create a v3.1 SON collection and then used @apiture/openapi-down-convert (npm) to downgrade the v3.1 OpenAPI spec...

Last updated: May 13, 2024 12:23PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Internal browser not connecting to Tryhackme

Hi, I was practicing at tryhackme.com but I can not use the internal browser for it. I get an error like: Burp Suite Professional Error Failed to connect to 10.10.82.157:443 Using Firefox with FoxyProxy works...

Last updated: May 13, 2024 09:30AM UTC | 3 Agent replies | 4 Community replies | Bug Reports

Burp Suite Professional is not opening

I am trying to open Burp suite in the Windows but I am facing on issue saying "Burp did not start properly last time. Do you want to start it without loading extension?" and on choosing either Yes or No fails to load burp...

Last updated: May 13, 2024 07:51AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Remote code execution via web shell upload, it's not taking the correct solution.

Can someone on staff look at this challenge? I have the secret key but when I copy and paste it into the submission box its says it's wrong. I could post the key here or what URL string I used to get it if needed, but I...

Last updated: May 10, 2024 01:08PM UTC | 2 Agent replies | 3 Community replies | Bug Reports

Lab: SameSite Lax bypass via cookie refresh

this lab can be solved by deliver this only exploit to the victim without anything else <html> <!-- CSRF PoC - generated by Burp Suite Professional --> <body> <form...

Last updated: May 10, 2024 12:50PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Mail address check problem

When I try to request free trial of Pro Version and type my actual email address correctly, it always shows an error "Please enter a valid business email address". It also didn't work with Gmail. It is really annoying, could...

Last updated: May 10, 2024 07:57AM UTC | 7 Agent replies | 10 Community replies | Bug Reports

Lab Not Working Anymore : CORS vulnerability with trusted insecure protocols

I am trying to solve the mentioned lab, with the payload provided by the academy, by the payload isn't working. When i view the payload, the request is indeed sent to stock subdomain, but it replies with...

Last updated: May 09, 2024 12:17PM UTC | 5 Agent replies | 7 Community replies | Bug Reports

Unable to add client tls certificate (Can't add/load library file)

Trying to add client TLS certificate (hardware token - CAC) in Burp so I can test CAC-enabled sites. In the workflow can't add/load library file so workflow stops there. Some chatter/traffic about it being an issue with Burp...

Last updated: May 08, 2024 07:59AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp Proxy not working for SOCKS connections

I can't see any WebSocket traffic history in Burp when trying the Academy Lab `Manipulating the WebSocket handshake to exploit vulnerabilities`. I've tried with the following versions of Burp in my Kali Linux...

Last updated: May 08, 2024 07:07AM UTC | 4 Agent replies | 3 Community replies | Bug Reports

Software is Preventing Firefox From Safely Connecting to This Site

Hi Team, I'm having an issue getting Burp Suite professional v2024.3.1.4 edition with Firefox [Version 125.0.3 (64-bit)]. ERROR: Software is Preventing Firefox Developer Edition From Safely Connecting to This...

Last updated: May 07, 2024 09:53AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Query Regarding Performance Issue in XSS labs

Dear Team and members, I hope this message finds you well. I am reaching out regarding a performance issue I have encountered while using Burp Suite Professional in Lab Reflected XSS into HTML context with all tags...

Last updated: May 07, 2024 08:36AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Issue with simulated victim user in Lab: Internal cache poisoning

Hi. There seems to be an issue with the simulated victim user for this lab that the lab doesn't get solved even when the cache is poisoned. Thx

Last updated: May 06, 2024 10:06PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

there is a way to crack the burp suite pro

i was looking for a crack for the burp suite pro ""only to report it, i just like the burp suite "" and i found a crack file on the internet for the burp site pro i will tell ware but only in private like with an email...

Last updated: May 06, 2024 04:06PM UTC | 1 Agent replies | 2 Community replies | Bug Reports

this labrator is not working to properly, i even used the solutions but it didn't work

hello their portswigger support, first of all ty forthis good platform, im solving sqli labrators ut this labrator is not working to properly i think some thing in back end is wrong the labrator =>...

Last updated: May 06, 2024 07:28AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Academy Lab Bug

Hello! I have been working through the Race Conditions topic, and am stuck on the last lab, Exploiting Time-Sensitive Vulnerabilities. I understand the concept, but the requests for username=wiener and username=carlos...

Last updated: May 03, 2024 07:48AM UTC | 3 Agent replies | 3 Community replies | Bug Reports

Forcing HTTP/1.0, particularly using Repeater

With the new http/2 normalizing 'feature' I now appear to be unable to use/force HTTP/1.0, which is required for IP address leakage findings: https://portswigger.net/burp/documentation/desktop/http2 I feel there should...

Last updated: May 02, 2024 09:17AM UTC | 3 Agent replies | 3 Community replies | Bug Reports

Freeze on Screen Lock (macOS)

Burp Suite Pro seems to lock up every time my screen lock activates. This is Ventura 13.4 running on M2 silicon with v2024.3.1.3 When resuming, the only button that works is close and then the confirm dialog shows which...

Last updated: May 02, 2024 06:44AM UTC | 1 Agent replies | 2 Community replies | Bug Reports

Enterprise Edition: JUnit file cannot be parsed with Jenkins

Hi team, Our team is using the CI-driven scan feature of the Enterprise Edition integrating Jenkins and we are currently facing "XML Parsing Error: reference to invalid character number" error when we try to display the...

Last updated: May 02, 2024 06:30AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Page 2 of 144

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image