Burp Suite User Forum
Hi Portswigger, I use BurpSuite professionally every day, and I would like to request a feature that I have been missing for a long time. Would it be possible to include a way to create folders in the Repeater tab? This...
I would like to be able to import a burp scan (pro) into Enterprise, to use the tracking metrics and reporting features of Enterprise. Is this possible already?
I heard if i use query sanitization sql injections don't work. so my question is : Is query sanitization also can prevent blind sql injections?
It would be great to have an option in Burp to create a NSS Key Log file (https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format), it would really help debugging problems with SSL client certificates...
A new dropdown would be necessary. Would be handy to have a tick box to automatically do the host header also Thanks!
Portswigger, I've seen various posts regarding Burpsuite's scanning abilities for SPAs. Can you provide an update on what improvements have been made, current scanning capabilities for SPAs in Pro & Enteprise and what...
Burp intruder provides the option of extracting specific data in intruder results but it has a limit of 100 words only. I tried to grep around 500 words of a token that is being used for the login session but it fails to...
I understand that there is support for AWS EKS to run BurpSuite. I was wondering if BurpSuite Enterprise could be run in an AWS Fargate (ECS) or OpenShift?
We want to set up a few default Resource Pools so we don't have to recreate them every time a new disk project gets set up. Our process when starting a new project is to import a standard default project options JSON so...
Need to generate auth token after 1 hour, How we can achieve it? Scenarios: We get token from google api and token is valid for 1 hour. Need to capture token and pass to other requests after 1 hour Please help
I have requested for Free trial license. But I did not get the free trial license
Hi, Could the queued tasks in the Discovery Session have the same functionality as the Scanner Scan Queue? This would allow the user to cancel individual discovery tasks to lower bandwidth/time, or to prioritise...
Hi, we would like to add two feature requests for private collaborator servers. 1. Please, let us define the base collaborator server sub domain name (and length) 2. Provide an official "API" to access the...
Hi, Is it possible to pause on redirect and have an option to open session built-in browser. Would be useful for MFA or credential attacks where you successfully logon and can continue attacks
Is there an easy way to go from a list with username:password combinations with a specific separator (i.e. colon) to do credential stuffing. I found in order to do this I could make two individual files (one with usernames...
Any thoughts on adding LDAP support to Collaborator? Might come in useful for Log4Shell testing.
Hi, we want API to get repeater history. Though burp API provides proxy history API (getProxyHistory), there is no repeater history API. If there is an API to get repeater history, it is really helpful for us to get the...
Hi, we want API to get repeater history. Though burp API provides proxy history API (getProxyHistory), there is no repeater history API. If there is an API to get repeater history, it is really helpful for us to get the...
Hey support/albinowax, Some suggestions for Burp Collaborator Server config options: - "customHttpContent" for unknown paths to replace that "Burp Collaborator is a service.." default response; - "customHttpContent"...
I encountered a bug where my I paused intruder result to reduce sending all payloads to server as I was lucky to hit the correct response within the first few payloads. After I paused the attack, I went to click Save >...
Page 22 of 64
Your source for help and advice on all things Burp-related.