Burp Suite User Forum
Hi, Burp Scanning does check for "Date" header and its modification, even though it's modified in response, it wouldn't call that a "Response Modification". However, the header "Last-Modified" is not whitelisted and...
I have tried some of the apprentice clickjacking labs in the past and could not complete them even though the payload aligned perfectly. I have now come across this issue again in the lab: Exploiting clickjacking...
I clicked 'Compare Sitemaps' and it fills up to 100%, BurpSuite is unresponsive. Env: m3 max, I won't include the version of Java in Burp as it uses the bundler anyway (system uses openjdk 21.0.3 Zulu)
Hi, I am going over the materials on server-side prototype pollution, and I noticed a bug. Specifically, in the `Status code override` section and the code snippet showing the `createError` function. ``` if...
My Sitemap stopped sorting alphabetically, and now just adds the sites in the order Burpsuite sees them. I can't find any setting to undo this. Looks like something is broken here. Started doing this since latest version...
In recent days I have switched to using Firefox as my intercept browser (with foxyproxy addons) this is because when I use the built-in Chromium from Burpsuite, sometimes my laptop freezes within a few seconds. Do you know...
Hello, I have an issue with all labs, that the button (Access Lab) is hidden; I can't find it anywhere!!!
Recently all of our BURP Pro. scans began detecting Out-of-band resource load HTTP (Confidence level: CERTAIN) across different apps. However, this finding only appears "after" the event log reports "Failed to connect to the...
Hi, when I start API Scan and have the session handling rule "Use cookies from Burp's cookie jar" active, no cookies are added to the requests. The Session handling tracer shows events: Applying rule: Use cookies from...
Currently having an issue (v2024.4.5.) where I click the button to "Select File" for the "Location of the Jython standalone JAR file" in the Extension settings and it fails to select anything. When the window pops up to...
I don't understand, but this just doesn't work for me. ``` metadata: language: v2-beta name: "Sql Injection" description: "Classic SQL Injection" given query insertion point then if...
Hi, There was a "Drop all out-of-scope requests" checkbox in the Target->Scope tab. It disappeared after an update. The workaround for now is to use the menu "Settings->Project->Scope" instead (the checkbox is still there...
I am using the latest version of Burp Suite Professional. While crawling, Burp Suite intermittently freezes for a few seconds before resuming. The duration of these freezes increases as the crawling progresses. I have also...
Dear support, I've been enjoying my journey through your labs, and learning an absolute ton! Weirdly though, even though I'm solving labs and marking learning materials as completed, they get marked as solved/completed,...
I noticed that during http2 requests BURP changes the response headers to "First Capital" so any response header like some-somethingelse-anything : any value will be replaced as Some-Somethingelse-Anything : any...
Hey Team, When I try to deliver the exploit or test in my browser, this lab gives me its invalid csrf although I have checked many times. Given is my payload. <html> <body> <h1>Hello World!</h1> ...
I have an issue, every time I get a confirm window, the Windows ie edit proxy listener doesn't close, it just stays there, it happens to me on the proxy listener, and also on the intruder module, when closing the scan, I was...
those are also incorrectly processed by my lab, my payload in search does not read properly. Everything is fine in response, but the next request does not execute. request: GET...
When doing the initial click jack lab the exploit server view isn't the same as what's described. When using the https://0a3e0068041332ff820d5100003a00a8.web-security-academy.net/my-account. the exploit view is showing...
I'm getting slow responses (up to 20 seconds delay) when working at least with CSRF labs (haven't tried other labs yet), examples are: Dec 07 11:20:18 MSK...
Your source for help and advice on all things Burp-related.