Burp Suite User Forum
As part of Active Scan, I know I can fine-tune heuristics to disable Infiltrator for some individual issues. However, I need to sort by Detection Methods, and open each of them to check if Infiltrator is enabled, and then...
When I open Burp in OS X, I have to click through two screens - the first for project creation/load (defaults to 'Temporary project'), and the second the config loader (defaults to 'Use Burp defaults'). I would love have...
Hi Team, Hope Issue object also record the original HTTP Message(base request and response) when record the HTTP messages on the basis of which the issue was generated. why I need this? I want to write a...
Is it possible to randomize the order of the scanning queue? If not, can I access the queue from Jython? Thanks Jonas
Hey, Burp should add a feature to export Report according to OWASP top 10 vulnerability.
Burp suite currently doesn't support IPv6, except through /etc/hosts tinkering (which fails if there are redirects in the application e.g. to absolute IPs). IPv6 is widely deployed in a number of markets and a professional...
Hello, It may be helpful for troubleshooting to add a hint to proxy error pages about out of scope responses when dropping out of scope requests. Users may forget that the under the project options tab, connections...
Love your product, been using it for over a decade. I just had an idea for a feature that I think would be really interesting and useful. You could dynamically create a proxy autoconfig file that would only proxy items...
Hope to add a scope blacklist option."Don't send items to Proxy history or other Burp tools, if in scope black list". and take effect before any other rules that filte traffic. if we just don't want to see noises like...
- Character length - Modify case: reverse/invert case (also in Case Modification payload type) - Reverse string - Trim whitespace (leading, trailing, both)
.
Hello, it often happens that Burp causes 100% CPU usage when the Static Code Analysis is enabled, which is to be expected to a certain degree. Something that would really help understanding what's going on would be some...
Hi, with your new update in changing the # of threads into # of concurrent rate limit; could it be possible to limit Active scan to a single thread? I test apps which often have very complex session management, or...
Hello. In some cases Content Discovery may find many trash and add it to sitemap. If you don`t wait it, you not uncheck box of automatically site map add items. I think, it`s will be good for button for: 1. Add in sitemap...
burp should support none http proxy, some application use none http to login, so if i proxy the http request, the application can not login! please handle this problem.
"><img src=x onerror=prompt(2)> <h1>test</h1> x
"><img src=x onerror=prompt(2)> <h1>test</h1> x
In Scanner / Options / Scan Issues, there isn't a way to quickly disable or enable all issues. I only wanted to scan for SQLi but had to manually click through every other issue to turn it off. An option to turn them all...
Hello, it would be very usefull to add a "Burp collaborator settings" into the User options and add a standard "override" feature in the project options. The people who has is own collaborator server otherwise have to...
It would very usefull to set a proxy and socks configuration for the polling server of the burp collaborator. Currently no upstream proxy is used. Maurizio
Page 50 of 64
Your source for help and advice on all things Burp-related.