Burp Suite User Forum
How do right-click tests assess the effectiveness of context-sensitive options and improve user interactions
When a private Burp Collaborator server is deployed behind a load balancer, for example, in a Kubernetes cluster, the source IP address of requests displayed in Burp will be the IP address of the load balancer rather than...
Please provide the Burp Suite Features/Data Sheet
Hi, It can be the case that pentesters would run many intruder attacks for different reasons, and it could be quite helpful if there is an option to 'name' the performed attacks - same as what one might do in the...
Adding BChecks was a great move by PortSwigger, however I feel they're missing a huge use case. Right now they're used as a scanning routine, across the app, with all checks. However to extend the massively would be to scan...
Hi im now cert exam. I accidentally closed the "examify" tab. i cant reopen help me pls.
Often while working on web apps I like to review traffic with intercept turned on just to get an idea of the flow. It would be very slick if I could highlight and notate traffic right from the intercept panel so that when I...
It would be helpful to be able to quick switch between projects once burp is open. As it is today, I have to: 1. close burp 2. reopen it and wait for it to load 3. select project from "Open existing project"...
While performing a scan some issues that are identified are a false positive, which I can manually identify as such. It would be helpful if I can also identify to the Burp Scanner what specifically in the response that...
Hey there, I am going with flow in portswigger academy I finished up Broken access control with all labs but the learning material progress is stuck at 0%. What could be the possible solution for the same ?. Regards
Hello, Would it be possible if burp lists the libraries that it uses (like bouncycastle, nimbus, fasterxml, etc) in the release notes. This would allow extensions to use the version already provided in burp, instead of...
Hi Team, We are not able to intercept the flutter Application traffic in burp-suite. Questions: I) Is it possible to intercept traffic using? II) How can i intercept traffic using burp?
Hi, I just want to know that, how many concurrent scans can we run with Buprsuite pro?
Hi there, After running several intruder attacks and saving it to the project file it's really difficult to identify what each attack is without having to open it. It would be great if you could name them or mark them up...
My idea is to dynamically call other checks through one check for further processing The first check can hit sensitive information, and then call another bchecks file for further inspection. I don’t know if you can...
When Burp performs DOM-based scanning, is it possible to utilize the API to extend the scanning to identify custom issues? For example, looking for the presence of certain content in the built DOM?
burp chromuim with dark mode
Earlier there was a "Delete Account" feature using which you could easily delete an account. But now it seems that user has to email support for deletion of his own account. Why the change?
Is there a function like readFile for iterative list run for each: variable_name = "variable value 1", "variable value 2", etc. run for each: variable_name = {readFile("/tmp/payload.txt")}
The generic driver can already be wrapped by a Github action and be made to kick off scans on repo push or other events. However the current output options are not developer friendly in that it requires digging on their...
Page 11 of 66
Your source for help and advice on all things Burp-related.