Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

proffesional version

ok so when you select community version and click download you can select either pro version or community and if you select pro it actually downloads without you having to pay

Last updated: Dec 27, 2022 10:52AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Error when we try to launch the browser

Below error message is displayed when we try to click on open browser in proxy menu net.portswigger.devtools.client.an unable to start browser

Last updated: Dec 23, 2022 11:29PM UTC | 5 Agent replies | 8 Community replies | Bug Reports

[WebSecAcademy] No bot access when after click deliver-to-victim

Hi admins, I'm sorry if here is not the place to report the bug of WebSecAcademy. I tried to find somewhere to report, but I cant, so I decided to come here :). When doing the labs in WebSecAcademy (exp: OAuth,...

Last updated: Dec 23, 2022 12:42PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

unable to download burpsuite

looking at the download links for community and professional, ive tried loads of combinations, different browsers, different virtual machines, vpns but there doesnt even seem to be a download url associated with the download...

Last updated: Dec 22, 2022 01:44AM UTC | 1 Agent replies | 4 Community replies | Bug Reports

GBK encoding not supported resulting in a CRLF injection in burpsuite client.

Hey, just wanted to let you guys know that gbk encoding is not supported (ex 嘍嘊). So it resulted in a CRLF injection in my own request. Here is my tweet about it with PoC pictures:...

Last updated: Dec 20, 2022 09:41AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

BurpSuite intruder bug

Trying to change host like so: Payload 0-255. GET / HTTP/1.1 Host: 192.168.0.§0§ Intruder automatically changes the Host to: GET / HTTP/1.1 Host: 0a1a0033046cbd6dc45355c6007a00c3.web-security-academy.net Thus...

Last updated: Dec 20, 2022 05:30AM UTC | 0 Agent replies | 1 Community replies | Bug Reports

CORS lab not functioning properly.

CORS labs do not giving intended HTTP results. POC: I tried "CORS vulnerability with trusted null origin" lab with below request GET /accountDetails HTTP/1.1 Host:...

Last updated: Dec 19, 2022 04:27PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Auto-scroll also changes focus since 2022.2.6

When looking at req/responses via Burp Proxy history with "Auto-scroll to match when text changes" the first match is not only auto-scrolled to but now also "auto-focused" on. So one extra click to get back to Burp Proxy...

Last updated: Dec 19, 2022 12:37PM UTC | 6 Agent replies | 3 Community replies | Bug Reports

Scan descrepency

Hi Team, I am looking out for an explanation or help to get the scans right. I have observed discrepancy in multiple scan results ran on the same application. Please help. Scan no 7: Trying to run active scan by giving...

Last updated: Dec 19, 2022 12:31PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Facing issues when mysql jdbc connection with BurpEnterpriseedition

Hello Support, am facing issue when connecting mysql jdbc with BurpEnterpriseedition 2022-12-19 07:10:08 [qtp751284665-49] INFO b.common.repository.DatabaseModule - DB timeouts: idle=60000, max life=120000 2022-12-19...

Last updated: Dec 19, 2022 10:37AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

CORS policy

Hello; I using Burp pro v2022.12.4, i get a CORS error(can't make prefilight request) when login into seller.viettel.vn(yesterday morning, i still login). I dont know how to fix this bug. Help me plzzz

Last updated: Dec 19, 2022 10:36AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

An error occurred. We apologise for the inconvenience.

Hi, I am going through Web security Academy Labs, I get the following error when I access "OS Command Injection Lab" "An error occurred. We apologise for the inconvenience." But other labs such XSS and SQLi are working...

Last updated: Dec 16, 2022 04:06PM UTC | 6 Agent replies | 12 Community replies | Bug Reports

OpenJDK 7 Multiple Vulnerabilities

The version of OpenJDK installed on the remote host is prior to 7 <= 7u351 / 8 <= 8u342 / 11.0.0 <= 11.0.16 / 13.0.0 <= 13.0.12 / 15.0.0 <= 15.0.8 / 17.0.0 <= 17.0.4 / 19.0.0 <= 19.0.0. It is, therefore, affected by multiple...

Last updated: Dec 16, 2022 01:27PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Burp v2022.12 and 2022.12.1

Hi, in Burp Scanner reporting wizard when "Select the file where the report will be saved" and I want to select the file, it let me select it but than it doesn't work, the select file field remains empty.

Last updated: Dec 14, 2022 01:04PM UTC | 4 Agent replies | 3 Community replies | Bug Reports

Examity does not redirect me

Hi, I'm currently not getting redirected to start the exam once I'm logged into Examity. Is there maintenance still going with their service? Or is it something wrong on my side? Kind regards,

Last updated: Dec 14, 2022 09:20AM UTC | 4 Agent replies | 2 Community replies | Bug Reports

Burp Pro Intruder Not Showing Results

Hi, Am recently having an issue with Intruder where the results arent shown, Intruder loads and allows me to start running but when trying to view the results the the icon shows in the taskbar but is pixelated heavily and...

Last updated: Dec 14, 2022 07:53AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Authentication bypass via OAuth implicit flow - Not working

Hello, I'm trying to authenticate the lab using given creds. The application stops in /oauth-callback url. No error only empty page. I used multiple browsers issue is same. Please help.

Last updated: Dec 12, 2022 06:34PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Practitioner Clickjacking Labs Not Working - Multistep and Trigger DOM XSS

Sorry to raise this issue as I see others have in the past but I cannot get either of the Practitioner Clickjacking labs to solve. Both these exploits appear to align well with the buttons in Chrome, but when I deliver the...

Last updated: Dec 12, 2022 08:38AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

"Lab: CSRF where token is duplicated in cookie" using Firefox

Hello! It seems Firefox's [Standard Enhanced Tracking Protection](https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop?as=u&utm_source=inproduct#w_standard-enhanced-tracking-protection) blocks...

Last updated: Dec 09, 2022 11:03AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

lab-2fa-simple-bypass

An error occurred. We apologise for the inconvenience.

Last updated: Dec 09, 2022 09:06AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

47 48
49
50 51

Page 49 of 156

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image