Burp Suite User Forum
I'm trying to connect to the site to solve the lab but it returns that error. I've tried reimporting the certificate, resetting the proxy options and reinstalling my Kali VM. The proxy connection works because it loads the...
Image previw: https://imgur.com/61GYvxV I just launched Burp and have no idea why it looks like this, I tried reinstalling it and it is the same thing. display settings: res: 1920x1080 dpi: 96
For example if you chose numbers and you start from 0000 to 9999 (10.000 options) it will not try to brute force the endpoint $0000$ from 0001 to 9999 instead it will scan from 1 to 9999 Is this a bug or is there a way...
I am unable to find the notes feature in the repeater tab in version 2023.10.1.2. Can you please help in finding it? I think either it has been removed from the mentioned release or there is some bug due to which its not...
I tried to use Burp with an Azure IOT edge client. It's a special kind of software that is for example installed on a VM that should talk to Azure. Of course it talks HTTP/HTTPS and even supports proxying. However, I...
Hi, We live in Romania and when working in our native language we are also using non-ASCII characters: ăîâșț. I noticed that if I use these in a website proxied through Burp the filter does not find this characters....
Hi Team, I am working on following lab," DOM XSS in jQuery anchor href attribute sink using location.search source". I was able to use following payloads, and popup is seen, but lab status is still not solved. Some...
Hi Team, The NoSQL injection bypass authentication lab is not working properly. I am able to login to wiener account with the NoSQL injection but not the administrator. I guess the administrator user was not added to the...
Hi team, Currently we used BurpSuite Login Sequences to record my login to web application on almost our website for automatic scan. But today I encounter an error that after I recorded login sequences, I start a new...
Have confirmed can use NoSQL injection to login as wiener (injecting on username, password, or both)... but when attempt to login as administrator (or any other account), get a 500 error (unexpected # of results found). ...
Hi, I have an issue reported by Burp Scanner in my current test for EL-based SSTI where a Collaborator domain has been injected resulting in a DNS lookup. The issue is that the Collaborator interaction is detected about 6...
earlier on this year i was having issues with adding requests to sitemap under via the Repeater... Support told me then to please 'add to sitemap' using via the Logger. that worked well but now i am having another issue. the...
Hello ^^, the lab: https://portswigger.net/web-security/web-cache-poisoning/exploiting-implementation-flaws/lab-web-cache-poisoning-internal, has a unintended solution! #) Steps Explanation We can overwrite the Host...
Hello, I tried everything, "Match and replace rules" in the proxy settings doesn't work. Match (regex): ^User-Agent:.*$ Match (regex): User-Agent:.* Match (literal): User-Agent: Replace: User-Agent: HackerOne...
Hello, while I was doing Lab "Lab: Cache key injection" https://portswigger.net/web-security/web-cache-poisoning/exploiting-implementation-flaws/lab-web-cache-poisoning-cache-key-injection, I ended up finishing it very...
Hi, I and some of my colleagues are experiencing a bug where WebSocket messages can't be sent to Repeater. I tested both Burpsuite v2023.6.2 and v2023.7.-21628 installed on a Linux system and used the following steps to...
Hi, The document says the following You can embed credentials in a URL before the hostname, using the @ character. For example: https://expected-host:fakepassword@evil-host While the lab solution says Change...
Turbo intruder does not seem to support "Content-Type: application/x-protobuf". Try this on recaptcha v3.
when i open labs it load a page says 'Bad Request' kind regards, Muhammad
I worked on Repeater for a few days and added tabs and tab groups for the endpoints I was testing. Eventually, I created one tab that messed up a few tab groups. Then, after organizing the new Repeater tabs in groups, I...
Page 25 of 152
Your source for help and advice on all things Burp-related.