Burp Suite User Forum
I'm currently trialling burp enterprise at the BBC and am struggling with scoping a scan because I can't use regexs in the advanced URL control for a site. The BBC is heavily TLD oriented so trying to scan /iPlayer means...
It would be nice to have a real auto update that does not require to manually launch the installer and clean up dmg files.
When sending a request from the proxy to Repeater or Intruder, if a comment exists, include that in the tab name in Repeater or Intruder. For example, I'm in Proxy and am looking at my initial auth request. I enter the...
Hi, PortSwigger Team, Burp produces CSRF Poc, Support json request csrf poc?
Hello, Until recently, Burp Suite had a very useful feature that allowed the selection of the entire parameter name of value with a double click. Since a few updates ago, this was removed, with Burp Suite now behaving...
Hi, I've been playing with the rest API, and found that when you audit the same url twice, the results from the first audit are not included in the results of the second audit. This is highly annoying obviously, as...
When I run Intruder, and I see "Error" in the results, because no response is sent by the server, I can't filter out such items by HTTP code (because there is none). Similar to filtering 2xx, 3xx, 4xx, 5xx could you add 1...
Is it possible to add GPU accelerated scanning? It slows to a crawl when actively scanning a website, with CPU being maxed out. Thought if a powerful GPU is used, it would cut down on the time it needs to analyse the site...
Hello, Me and some other people find kinda annoying that the request sent in repeater are not added to the target sitemap. It would be super useful that it does or at least have the option to enable that. Thanks
Hello, It would be great to have a Searchfied in both Comparer windows and to be able switch the comparing priority between the 2 requests/responses on Comparer result window. thx
I want to ask before buying the key burpsuite pro. copyright is attached to email or device, because I often have to change the use between my laptop at work and my home computer? You can support me, you sympathize because...
I want to ask before buying the key burpsuite pro. copyright is attached to email or device, because I often have to change the use between my laptop at work and my home computer? You can support me, you sympathize because...
What have you added to burpsuite as an alternative to spider?
Dear PortSwigger, We are doing pentests for our customers and we would are now developing some web interface in which we can feed urls and send them to to Burp REST API. We think that the API should and needs to be...
Hi, when I open cookie jar (and/or edit cookie), I would like to see all possible information about cookies. This would include a presence of HTTPonly, SameSite, or Secure flags. At the moment, it's not present there. Would...
The Macro editor and session tracking features only seem to allow for updating of Cookie Values through a macro when a session becomes invalid. I have an app that utilizes an Authorization header with a JWT as its value to...
Byte size is not helpful since I can see response length in the message editor. How can I switch back to showing response time in Repeater in the bottom right-hand corner?
Hi, I was working on Lab: Basic clickjacking with CSRF token protection and accidentally deleted Carlos account. Will you be able to reinstate Carlos's account for this lab exercise pls? Thank you....
Hi, When we override processProxyMessage(), the modified requests and responses are logged in Burp. However, if we override processHttpMessage(): - Request: Only the initial unmodified request is logged - Response:...
Hello, I like to see response time and as I know I can't display it as a column in Intruder. Is there a way to do it? If not do you plan to add this feature soon? Thank you
Page 38 of 64
Your source for help and advice on all things Burp-related.