Burp Suite User Forum
Hi, would be great if you could allow threads "per group". You dont want to burn one target down, but you might want to test other bits in parallel. An idea would be to allow an identifier set for a group per target...
Currently NTLMv1/v2 platform authentication requires the plaintext password, but often the hash value cannot be cracked easily back into plaintext in an expedient manner. Additionally if the hash is generated based on a 2fa...
Hi everybody, I did some test and seems that currently the active scan configuration is used to generate test cases when the scanner start to execute the tests on a specific request. That mean if you have a long queue and...
Currently NTLM authentication used in burp in not shown in any request and cannot be tracked/checked in anyway. A log should be usefull to check if there is problems. Maurizio
Please add a confirmation dialog to clear history from the right click menu option. This is far to destructive to the project integrity and irreversible right now.
Does Burp supports Windows 2012 R2 ?
It would be very good to have some sort of keep-alive functionality to ping server whether it is still up, and depending on the pre-set response by user (e.g. custom error message), it would pause Active scanning until the...
Dear Portswigger Team, Thanks for the brilliant work on Burp Infiltrator. I frequently run Burp Collaborator in internal environments without any outbound Internet connectivity, which means I have to set up Burp...
Hi, I am trying to run a request with a macro and post-macro to do this: Macro1 req1 / resp1 => extract param from rep1 Request get param from from last macro's response req / response (post)Macro2 ...
Any chances this feature will be supported in the near future?
It would be very useful to have API to modify the configuration of the scanner via an extension to run specific active scan with custom configuration (like run scan without cookie etc).
?<iframe src=javascript:alert(419)>
Hello, Why can't we restore Burp Colloborator Client? It should be possible for pentesters to also save the results of Burp Collaborator Client and then restore, as with any other Burp tools. Thanks
Hi Guys! I have a situation running burp that requires a different upstream proxy for scanning. The idea is, basically allows you to select where the upstream proxy will be applied (Scan, Intruder, Repeater and stuff)....
Hi, I'm looking for a way to prevent Burp from recording some item in the Proxy history. The main reason is that I'm intercepting quite a lot of traffic from the intercepted device, which quickly increases Burp's memory...
Hi I will explain the idea by an example, suppose this website " target.com " points to two IPs ( 1.1.1.1 & 2.2.2.2 ) and these IPs has open port " 80 " now we have 4 entry points to test A) when the server...
I nearly missed it as Burp only showed "HTTP Trace method is enabled" as informational, but actually this was pretty interesting: Request: TRACE / HTTP/1.1 Host: example.com Cookie: 6bwxjeof12 Connection:...
So there is this new feature in Burp Pro under Engagement tools named "Simulate manual testing". It is awesome but it would be even better if it could automatically do conf calls with the client and generate the report, Q/A...
Hi, Right now macros only can be used as a session handling action to set a parameter or a cookie, but it would be very useful to use them after performing a request to test the contents of another response (for example,...
It is not possible to sort ASC or DESC by pressing the column name in the Open Existing Project panel. This is very useful to have. Thank you. Keep up the good work.
Page 58 of 66
Your source for help and advice on all things Burp-related.