Burp Suite User Forum
When I try to perform the View Exploit function on this lab I receive "Resource not found - Academy Exploit Server", stopping me from completing the lab.
Hi, since yesterday some labs can't be solved even if i copy and paste the proposed solution.the labs are https://portswigger.net/web-security/cross-site-scripting/dom-based/lab-document-write-sink,...
Hello, In the past i solved these labs without any issue. Now i can't even "Solve" the easiest one, CSRF vulnerability with no defenses. If i view the exploit the mail updates. Delivering the exploit doesn't work, does...
Hi there, Context: https://portswigger.net/web-security/cors/lab-null-origin-whitelisted-attack Issue: Exploit does not trigger, when viewing the exploit on Firefox or Chromium. Still works on Google Chrome (unless you...
I recently renewed my Burp Suite Pro subscription and noticed a charge of $450 on my account. However, I have not received any email update or license key associated with this renewal. I have checked my spam/junk folders and...
I'm using Burp Pro 2024.5.3 and when I start crawling via Scan -> Crawl, a Chromium popup appears on my dock, but it won't open, and the crawl only retrieves robots.txt.
Accidentally broke one of the labs - https://portswigger.net/web-security/csrf/bypassing-samesite-restrictions/lab-samesite-strict-bypass-via-cookie-refresh steps to reproduce: - open burpsuite chromium browser - copy...
Hi Team, During the lab I ran into an issue with the rate limiting of the community edition with the Lab: Username enumeration via account lock. Here you need to lock the account to figure out the username and see...
Hello, the intended solution of this lab doesn't seem to work. After some testing I couldn't find a way to "enter" the admin area. "Encoding" the IP address works fine, but enter "admin" doesn't work at all. I tried...
I am working on improving on of our extensions and I noticed, that a JTree does not render correctly with the default look and feel of BurpSuite. Icons are missing and the indentation of individual notes are also not...
Hello, according to the Sollution when i use 2 HOST headers such as GET /?cb=123 HTTP/1.1 Host: 0aa300a60483e49080313f3f008e0077.h1-web-security-academy.net Host: example.com I receive HTTP/1.1 403...
I have tried to complete the lab: "Lab: Basic clickjacking with CSRF token protection", and thought I had a correct answer but when I sent my exploit, the lab was still not solved. After much trying I checked the community...
Burp Suite Pro version: 2.1.05; Steps to reproduce: 1. Start Burp Suite Pro; 2. Launch new scan, using REST API, i.e. do HTTP POST scan configuration to http://127.0.0.1:1337/$apiKey/v0.1/scan; 3. Poll scan status...
I have updated to the latest stable version v2023.5.2, and the burp browser was uninstalled from the burpbrowser directory. When trying to use the browser, the following error message pops: java.io.IOException: Cannot run...
First of all, thank you for your great efforts to make HTTP2 available in Burp. I'm using Go gRPC example application named RouteGuide(https://github.com/grpc/grpc-go/tree/master/examples/route_guide) to check Burp can...
Hey, just looking to see if its a known issue RE: Bchecks using "report issue and continue" via a host it works via the test cases tab but on running via "scan" and "launcher" and run with "Audit checks - BChecks only" and...
If a server advertises h2 in ALPN, the repeater tool changes protocol to this and refuses to change back. To repeat, create a new tab in repeater and paste the following content: -------- GET / HTTP/1.1 Host:...
Hi all, I'm unable to spin up that lab. I'm always met with a 504 "Page isnt working now" error code. I know some of yours labs have been under maintenance for the past days; I was wondering if thats also one the lab...
Hi BurpSuite team ! I was hoping I could practice CSWSH but the lab is not working. A new tab is opened, and eventually closed automatically. Is this lab also part of the on-going maintenance? Thank you!
Hello, i have a problem with my burp. After I installed the latest version, my cursor is not accurate. It happens at request/response editor. For example, when I try to edit a request on the repeater tab, then I click on a...
Page 5 of 148
Your source for help and advice on all things Burp-related.