Burp Suite User Forum
Hello, I installed Burp Enterprise in a Kubernetes cluster through the provided Helm chart, and I ran into a strange issue with the bsee-connection-check job running out of memory. After modifying the values.yaml file to...
Hi there, I would like to let you know that the Oauth server returns the error "Internal Server Error" in the lab "SSRF via OpenID dynamic client registration". May you have a look at it? Thanks, Jesús
I can make sure I'm doing everything right, but almost every experiment that requires a web extension service to submit to a victim fails to complete the experiment after submission!!!!!!
Hello! Have completed all 23 "Lab from all topics" from "Exam preparation steps", but in Dashboard tab it shows 22/23. I think it is bug. Please help me. Thanks!
in the step 5 they all time show me that CSRF token is invalid. Even if I follow the video tutorial the thing is same. so help me to solve the lab.
Hello, I have been working on Burp Suite certification (2/3 or 3/3). I have encountered a File Path Traversal and have tried various solutions, including different payloads, obfuscation, encoding in various ways, and even...
Testing with the latest release of BurpSuite Pro against an instance of Keycloak 16, I get a number of reports of "SQL injection" issues. However, when looking at the response HTML I see no indication of any errors, which...
Our team already tried injecting the license key. But when updating to V2023.2 burpsuite, the scan engine is disabled. They have tried fixing it but still can't. Could you please help to fixing it?
<img src=x onMouseOver=alert('Hello')>
Hello, Since burpsuite_pro_v2023.1.2 the extensions cannot load their previous preferences. The extensions load/save the preferences by the following APIs: - loadExtensionSetting(name) - saveExtensionSetting(name,...
Hi, it seems that there is a bug in the lab "Web cache poisoning via an unkeyed query parameter". The response to GET / never gets cached as the server always return X-Cache: miss. Cheers, Jesús
Hi, the following error message is displayed when I click on open browser in the proxy menu: net.portswigger.devtools.client.impl.connection.local.n: Failed to read dev tools web socket The browser opens, but I cannot...
Hi, I need your help. I have a problem with the report. For example, on the 15th, I scan and export the report. I can clear the cache, but the 17th export includes lots of Issue Definitions that have responses in the 15th.
After quite some trial and error and taking a look at the solution, it seems the lab is broken in its current state. Submitting the following request based on the solution will result in the server not responding and...
Hey Folks, I have my font size set on 15 on a QHD (2560x1440) screen with 125% scaling and when I try to use the HTTP Request Smuggler extension I am unable to see some of the options nor the button to start the extension...
Hello This issue fairly occurs with "bigger" websites. It feels like scanner bloats and stops working. Is therea any solution for this? Do you guys need some kind of report or log from my end? Thanks in advance
I opened a thread on Feb 9, 2023 as I was not able to continue installing Burp...
Hi! A correct POC (generated by Burp Clickbandit, tested in Chromium Version 111.0.5563.64 (Official Build) (arm64)) does not solve the...
https://portswigger.net/web-security/host-header/exploiting/lab-host-header-host-validation-bypass-via-connection-state-attack The lab does not require to conduct request smuggling attack and can be easily solved by the...
I have tried to use the intruder attack but the intruder tab does not open up to see what is going on. Tried reinstalling Tried rebooting the PC Burp suite pro version 2023.2.4 is installed on Ubuntu 22.04...
Page 7 of 126
Your source for help and advice on all things Burp-related.