Burp Suite User Forum

Create new post

Facing issues while running the Burp Infiltrator

Hi Team, I'm trying to use burp infiltrator and trying to solve the issues which have occured while running this tool. Also, trying to find more details on internet but not found much details so thought of discuss this...

Lab: SameSite Strict bypass via client-side redirect - this lab broken too

This is my solution and works with view exploit, but not working when delivering neither in chrome, not burp. Therefor unfortunately the lab is broken. Can you please fix please? thank...

Unable to filter X-Forwarded-Host with Param Miner Burpsuite Professional v2024.5.5, Lab: Password reset poisoning via middleware

Hello I have attempted this lab: Password reset poisoning via middleware, and run Param Miner on this request, choosing the "Guess Headers". I have tried this thrice, but I still could not get the X-Forwarded-Host even if I...

extender

So this 'issue' has been happening to me for the last few versions of burp suite pro. right now I am running the latest .18 version. In the extender tab i have the option to automatically reload extensions on startup...

Extensions are not loading with Burp defaults

Hi Team, I always use Burp defaults option for configurations while opening/creating projects. I have a few extensions installed such as Retire.js, TokenJar, Active Scan++, etc. What my issue is that all the extensions...

Burp Suite Param Miner

Using the param miner via 'Extensions->Param Miner->Param Miner->fat GET' result in 'Queued 0 attacks from 1 requests in 0 seconds' in the output of the extension. Does anyone know why it doesn't scan anything?

cannot modify request in insertion bechecks

Hello Is there support modify request in insertion-base bchecks? Sometimes we want to continue modify request after replacing or appending payload, like change mehod or add some headers.But I found I cant do these when I...

Query Associated Param miner

What is the purpose or use of the option "canary" in param miner when guess all parameters option is selected?

Burp pre configured browser is not working

When am opening burp pre configured browser its not working. Am seeing browser opened but not able to access anything in it showing error as "Error code: STATUS_DLL_INIT_FAILED"

withUpdatedParameters(List) function updates only the first parameter

Hi, I'm struggling with modification of the request payload in a class extending ExtensionProvidedHttpRequestEditor. In the getRequest() function, I'm packing the content of my custom editor and want to update request...

turbo intruder

my intruder works fine with macros but turbo intruder won't

Turbo Intruder Not starting

Im very new to Burp Suite, i also never used sm like this. Today I was trying to solve the Bypassing rate limits via race conditions Lab by following a video but somehow im just stuck at the part when i start the attack on...

Has the new MontoyaAPI removed the saveExtensionSettings and the loadExtensionSettings method

Hi, I am trying to develop a Burp Suite extension, and the work is almost done. Now, I need to implement a persistent way to store the data used in the extension. I did try the PersistedObject to do the same, and I have...

AI Automated Scan

Hello, Could you please he me with question below? Burp Suite professional tool will support AI(artificial Intelligence) application security testing? Are there any AI(artificial Intelligence) features configured in burp...

HTTP Request Smuggler doesn't work

HTTP Request Smuggler is not working properly, when I start Attack, it does not proceed from "ENGINE WARMING UP". The execution environment is as follows. ・Burp suite:2023.10.2.3 -2023-10-02 ・Extension : Both are the...

API Testing using Postman Collection file

Is there any Burp Extension to run API Testing using Postman Collection file?

tcp proxy

Dear Sir, Can we capture and modify the tcp request and response through burpsuite.

Montoya API Scanner Examples

Hi, I'm trying to build an extension that reads results from the BurpSuite Pro scanner using the Montoya API and I was wondering if there are any examples out there for how to handle audit issues?

Importing and Using Arbitrary Java Classes

Is it possible to make use of arbitrary classes imported from external modules in Java, e.g. the UriBuilder class? My extension makes use a class in the same project folder that implements logic to generate a token that I...

Custom Send To on Mac

Hi all, i’m curious if anyone has installed and run the extension called Custom Send To on a Mac? I am looking for a way to send the body of a response to a API/URL and receive back response from that URL and this was...

1

…

Page 1 of 49

Burp Suite Support Center

Your source for help and advice on all things Burp-related.