Burp Suite User Forum
I configured burp correctly, the latest version, however, after turning on the proxy, the page does not load, the handwheel is spinning around and in burp I have the following info: what should I do? GET /...
My app is using NTML authentication and set the platform authentication but unable to ntml authorization header in the burp request .
Hi there! I think it would be very useful/helpful if Burp had an option to save custom intruder settings. For example, if as a researcher I tend to scan IP ranges using a sniper attack with numbers ranging from 1-255, I...
Currently the view filter supports status code but it would be helpful to also be able to filter by request method (GET, POST, PUT, etc). Thank you, Micah
The current scope dialog uses protocol, host/ip, port and file as a filter, however, there are times when it would be useful to filter on HTTP method too. For example when working with a RESTful interface that uses the...
Hi, I'd like to write an extension that fits into the Content Discovery functionality. At the moment there's no Montoya API for the functionality I can find. Are Discovery overrides on the current API roadmap?
hello,i want to reset all my progress(labs,learning path). Can u do that?
Hello, I have been using Burp Suite for some months now, and I would like to share my experience as a blind user. First of all, the majority of the interface is not navigable with a screen reader. This is due to the fact...
Hello, as already requested by other users two years ago (http://forum.portswigger.net/thread/1088/populate-enable-include-relevant-extract) I think it would be very useful to add the "include relevant extract" option also...
More and more of the Web apps I am pen-testing rely on Websockets for their main communication channel, and vector for XSS/sql-injection/CSRF etc. This would be very helpful if the functionality existing that exists for...
I hope this message finds you well. I am reaching out to address a perplexing issue that has been affecting our platform, Apply4U. Despite consistently garnering a substantial monthly traffic of 100,000 visitors, we have...
Good day, Would it be possible to get a license installation reset in our account/user management? We work extensively in VMs due to the nature of our work and have to delete them most of the time. Doing this, we hit the...
Hi, The latest version of Burp Suite Pro does not come with a collaborator client. Why is that? And if it is not available could you provide an alternative for it? Thank you.
In the context of race conditions attack and Sending requests in parallel. I have a POST request to apply a discount coupon code and a GET request to view the cart. As an alternative for "Sending requests in parallel" we...
Hi, Could you please reset my all proggress?
Hi, I have solved xss to csrf to change email but it does not show solved after solving the lab
<iframe src="https://0aa000b403362f3f82a9fce0009100bb.web-security-academy.net/#" onload="this.src+='<img src=x onerror=print()>'"></iframe>
In what scenarios are <a href="https://clicktester.net/double-click-test/"> right-click tests </a> commonly used, and how do they help assess user interaction with context menus?
Two requests that I would love to see in a future version of Burp are: 1) The option to configure which columns are shown in the HTTP history tab. E.g. I may want to remove the IP, Listener Port, and TLS columns from the...
Hi Team, would it be possible to have a "corporate" BAppStore which would extend the current BAppStore and allow testers to point BurpSuite to that BAppStore to download not only the official BApp extensions, but also...
Page 6 of 63
Your source for help and advice on all things Burp-related.