Burp Suite User Forum
i was looking for a crack for the burp suite pro ""only to report it, i just like the burp suite "" and i found a crack file on the internet for the burp site pro i will tell ware but only in private like with an email...
Hello, I retested the CORS labs and noticed that they cannot be solved on Burp browser and Firefox anymore (/log?key=%22Resource%20not%20found%20-%20Academy%20Exploit%20Server%22). Are you aware of this issue?
Hi, The shortcut keys (e.g. ctrl-C, ctrl-v) don't work in the new releases. Please fix. Thanks, Carl
This may be the app I'm testing, but I've updated to the latest version of Burp (2024.2.1.3) and it is breaking CORS on any browser proxied through it. Without Burp I can access the application I'm testing and the browser...
Hello, I was having an Issue regarding a scan which I created in my Burp Enterprise. For some reason I kept on getting the Error, that the start URL in my scope could not get reached. Confused about that Error, I...
my burp suite enterprise server cannot running and i got 502 bad gateway while accessing web. this my ERROR log from /var/log/burpSuiteEnterpriseEdition/enterpriseServer.log 2024-04-01 12:55:24 ERROR...
Found a fun bug in Burp 2024.1.1.6 - 1. Logger tab 2. Select all 3. Export as CSV 4. Accidentally click on the open project .burp file for the target a. Observe that unlike (Save data) there is **no** "Do you want to...
Hello, I've been trying to solve the lab, but not even testing exactly the way the Academy is teaching or how community solutions were made (almost no difference at all) I can solve. I'm supposed to test for SQL payloads on...
Hi, you have Bug in the brute force to GraphQL, I did it right and the payload is correct but still I getting a message of: HTTP/2 200 OK Content-Type: application/json; charset=utf-8 X-Frame-Options:...
When trying to authenticate to auth server the following error is displayed: SessionNotFound: invalid_request at Provider.getInteraction...
Basically as title says client TLS certificate loader doesn't work. On step where you are supposed to select certificate file, when you click select file window pops up but it doesn't show any files that are in the directory...
Hello, after building the payload on exploit server and viewing the exploit, I was redirected to the login page. I tried to login as wiener again there but the CSRF token is invalid ("Invalid CSRF token (session does not...
Hi, Is it possible the CSRF labs are broken? I have attempted the following: - https://portswigger.net/web-security/csrf/lab-no-defenses -...
Hi Team! I'm having trouble solving "clickjacking labs". Every time I try to "deliver exploit to victims", it doesn't work, and the lab stays unresolved. I've tried the solution given by PortSwigger and looked at several...
Hello, I'm trying to solve the lab "Reflected XSS into HTML context with all tags blocked except custom ones" with the solution provided and I also tried other solutions on the internet but when I deliver the exploit to the...
has been mail collaborator switched to use oastify.com domain ? version: Professional v2202.3.9 build 13363 bodik
Hi, I use the embedded browser to access any site, it returns "Failed to load resource: net::ERR_CONTENT_LENGTH_MISMATCH" in console. Any idea what is the issue?
Please replace this proctoring company with something else - it could not be worse. If I see a cert that uses them in the future I will avoid it.
The lab 'Lab: Reflected XSS with event handlers and href attributes blocked' (https://portswigger.net/web-security/cross-site-scripting/contexts/lab-event-handlers-and-href-attributes-blocked) seems to be responding very...
Hi I am reporting a problem with the execution of clickjacking exercises. I am using a browser in burp. I perform the exercises according to the solutions. Selecting View exploit I noticed that the browser blocks...
Page 3 of 142
Your source for help and advice on all things Burp-related.