Bug Reports - Page 45 - Burp Suite User Forum

Burp is capitalizing the Headers, which breaks some implementations

I realized that when proxying though burp the headers are forwarded capitalized. Ex.: The OPTIONS request returns "Access-Control-Allow-Headers: x-accesstoken" The request in the browser contains the token in...

Ctrl + A-Z doesn't work in Proxy and Repeater

Hi! I've got an issue when hotkeys like copy/paste don't work in some tabs (like Proxy, Repeater and Settings) but work in other tabs (like Decoder). There are similar topics on the forum, but the only root cause I saw...

Can't read Burp File

Hi, Since yesterday, I have been unable to view all the request/response data in the Proxy > HTTP History section of BurpSuite Pro. Whenever I try to filter the data, I receive the following exception (as logged in the...

Collaborator Everywhere and Log4Shell Everywhere Nonfunctional in 2023.1.2 Professional

Hi, Since upgrading to Burp Suite 2023.1.2, myself and colleagues have experienced issues with the function of the Burp extensions Collaborator Everywhere and Log4Shell Everywhere. When installed and loaded, both...

Burp Suite Enterprise Edition does not see/use all present RAM on the server, does not provide AUTH scan.

At the moment we are evaluating the BSEE solution and faced an issue with using recorded login sequences. The application sends an error "The scan is configured to use recorded login sequences. This requires browser-powered...

"discord.com" does not work with new Burp version

The Discord web app does not work with the new Burp versions anymore. If you go to the site and login/register, then try to open the web app (discord.com/app), it's stuck on connecting. This only started happening in...

A bug in BurpExtension that causes the response to be determined to have changed.

In BurpExteion IProxyListener(Legacy API) and ProxyResponseHandler (montoya API), Burp interprets the response as modified even though it is not. If you check the Burp history, you will see that the response "Original...

M1 Mac error

I built an extension for someone that worked fine on the 2023.1.2 Burp Suite version on Windows 10 and 2017 Intel Macbook Pro but not on their M1 mac running 2023.1.2 version of Burp. Not sure what would be different, the...

I just installed burp suite but cannot scan due to machine health

When I check scanning machine details , I get license pending however I activated my license I was hoping somebody could kindly help me with this

Proxy issues when using curl, python, openssl s_client

Hi there, I'm having issues with Burp 2023.1.1 and 2023.1.2 on both the personal and community editions where the proxy works fine when using the builtin browser or mobile application, however when trying to replay previous...

Installer on Fedora 35 dispaly an empty red/rose dialog - no buttons...nothing

HGi, I downloaded the burpsuite_community_linux_v2023_1_2.sh, then I tried ./burpsuite_community_linux_v2023_1_2.sh as well as with sudo, I get a message indicating Unpacking JRE ... Starting Installer ... then a...

Burp 2023.1 - all HTTP responses show as edited

Hi, In Burp 2023.1, all HTTP responses show as edited and I can select between original response and edited response in the Proxy HTTP history. However, there are no differences when comparing the two, i.e. the response...

Scanner Stops Scanning

Scanner stops scanning when a request is made which times out. Watching the requests in Logger++, the comment field contains 'Timed out', but the 'completed' checkbox is not ticked. The scanner pauses. Pausing the scan...

Lab: DOM XSS in jQuery selector sink using a hashchange event

The solution for this doesn't solve the lab.

Burp Browser - Getting logged out & "The anti forgery check failed."

Hi I am doing the Portswigger Academy labs using the Browser in Burp Suite on Windows 10. This means I have to sign-in to the site from this browser. However, I am continuously being logged out and when I try to sign...

Copy as curl command in Burp Repeater doesnt include --compressed flag even if the request has Accept-Encoding: gzip, deflate

Hi Version: Burp Suite Professional v2022.12.25 Please note the "Copy as curl command" in Burp Repeater doesn't include --compressed flag even if the request has Accept-Encoding: gzip, deflate. The issue is that...