Burp Suite User Forum
I try to get selected content with function "getSelectionBounds()". but I found it return wrong indexes when message contains Chinese, and Chinese is in front of the selected. here is the code of test: source =...
When loading an extension that uses the burp.api.montoya.ui.menu.MenuItem.basicMenuItem method, I receive the following exception: java.lang.NoSuchMethodError: 'burp.api.montoya.ui.menu.BasicMenuItem...
Hello I have an iMac M1 and work with Parallels and Kali Linux as VM. There I installed burpsuite with sudo apt install burpsuite, but I cannot open the Browser. I cannot insert the screenshot which I have made. What...
Hello, For the last couple of versions, I have encountered weird visual glitches of Burp Suite. Video showing the issue: https://www.youtube.com/watch?v=BgXuIyel_MI At 0:40, it even shows the content of the other Burp...
Hi, I can't solve the lab. I am sending the following requests, ----- 1. ----- First request (Please note that the Origin header has been added 2 times): GET /js/localize.js?lang=en?utm_content=z&cors=1&x=1...
Hi We find this issue in one of our websites and we think that is a false positive. Data is read from window.location.href and passed to the 'append()' function of JQuery via the following statements: - url =...
the lab called "CSRF where token is tied to non-session cookie" https://portswigger.net/web-security/csrf/bypassing-token-validation/lab-token-tied-to-non-session-cookie has a problem.I put this code on the body of the...
Burp Intruder Payloads options simple list section is not allowing me to: 1. Add from list 2. Load custom payloads
In Web Security Academy on Access control Topic, The 3rd Lab which is been provided with two you-tube video for community solution. The Second Video "Which is been Michael Sommer sir video" that video is the solution of 4th...
$ uname -a Linux kali-raspberry-pi 5.15.44-Re4son-v7l+ #1 SMP Debian kali-pi (2022-07-03) armv7l GNU/Linux $ java -jar -Xmx2g burpsuite_community_v2023.5.2.jar Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on...
Hello! I got popup window from alert() function in this lab, bit it does not marked as resolved lab. Something wrong? Payload - <svg><animatetransform onbegin=alert('hi')>
Lab is not solving whatever I can try to do, step by step tutorial doesn't help
Hi, For an intruder containing three results with status codes (200, 302, ...) How to reproduce: 1. Go to 'render' in http response of the first item - keep 'render' visible 2. switch to the item with status code...
Hello people, I have installed burpsuite_enterprise_windows-x64_v2022_1.exe on windows server 2016 and now I want to uninstall it. However, when I run the uninstaller it gaves me an error like this and alert me it was...
Hello When opening the application this morning we found that BurpSuite is asking for the license key, and after providing the key that should be valid until November 2023 it says it's invalid. Logging on to the portal to...
Hi, I'm able to reach out to http://burpsuite in Chrome. I downloaded CA Certificate -> cacert.der However, the file which I downloaded is the expired CA certificate which I'm not able to add to Keychain Access on...
Hi, It seems impossible to fetch the victim's session because it always gets truncated (see at the end): <li> <a...
Dear PortSwigger support, We have a Burp Pro license (for 70 activation) for very long time. When installing Burp we are using the offline-activation feature but as of few weeks ago this does not work anymore; After...
I can't solve lab tried many times, help here is the code - POST / HTTP/1.1 Host: 0a90006303d9bbc387c5700800820036.web-security-academy.net Content-Type: application/x-www-form-urlencoded Content-Length:...
burp scanner keeps raising the issue(s): - TLS cookie without secure flag set - Cookie without HttpOnly flag set. However, when replicating the same request manually (either by closing the session and re-opening, or...
Page 33 of 152
Your source for help and advice on all things Burp-related.