Burp community forum
Hi, When I use my local ip address to intercept data ,I'm getting the alert "the client failed to negotiate a tls connection to xxx.xxx.xxxx:443: Remote host closed connection during handshake" , But if I use the...
Hello I activate my free trial license and had to reinstall before testing anything, could you please provide me with a new activation / license ? We are POCing the solution. Regards, Michael Gonin
I am attempting to migrate the database and am receiving this error message: Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: Cannot find the user 'burp_agent', because it does not exist or you do not have...
I have followed several other posts about importing trusted certs into a certificate store. I have "successfully" imported a certificate but the TLS Certificate untrusted finding continues to flag. How can I get this...
I'm trying to setup a session rule for Burp Scanner, is it possible to create a session/macro for the following scenario? Scenario: Webpage #1: POST Request http://example.com filename=payload Webpage #2:GET...
I have a license key from my colleague in William Hill, but can't download the Burp Suite Professional program because I don't have a license associated with my newly created account.
Google brought me here. This previous post from 2015 seems similar to what I'm experiencing: https://forum.portswigger.net/thread/probable-bug-sql-injection-avoidable-false-positive-d1e55f31 Basically I have two...
Hi We are using Burp Enterprise version 1.7.37, I am giving POST request to add a user. Actually while doing active scan burp triggers multiple post requests with different attributes and multiple users are being added. My...
I have a licensed burp installed on my system. I am currently testing an IOS mobile app, the IOS mobile app works only when the vpn to my company network is established. My laptop is also on vpn connection. I have...
When doing an unattended install from a response file generated by a previous install, e.g. `./burpsuite_enterprise_linux_v1_1_02.sh -q -varfile response.varfile`, what's the administrator password set to? The password from...
Hi, I was looking at integrating Burp Enterprise with Splunk. I see documentation on ActiveEvent, but the it doesn't look like it works with the enterprise version of Burp. I would like to pipe the scan results to splunk...
Hello, Is there a way to use the burp enterprise jenkins plug-in inside a groovy pipeline script. Something like (jenkins pipeline syntax follows): stage('Web scan') { steps { ...
Information ------------------------------------------------------------ Version : Burp 1.7.32 (Professional) Burp Proxy Server : Kali Linux Certificate : Android Device 7.0...
There's a way to audit a rest API with Burp enterprise using the swagger file like with OpenAPI Parser in Burp Pro?
I was trying out the website scan functionality and I entered the login credentials for a site. I then entered all the other data and started the crawl and audit. When it was on the Account\Login page it did not appear to...
I inject javascript code to steal cookies but the online lab doesn't simulate another user who views blog comments after they are posted ... any idea why ? Known bug ? I don't use Burp Collaborator but a service hosted on...
Hi all. I'm working on solving lab "Reflected XSS into HTML context with most tags and attributes blocked". I get an alert and find a pare of tag / attribute but lab does not get marked as solved. My solution is:...
Hi, We are doing gradual rollout of Burp2, upgrading from Burp1.7 (professional versions). At the moment, Burp Collaborator is Burp 1.7. Is Burp 2 Collaborator Server backward compatible, so Burp 1.7 can continue to...
Hi, I have done a security testing in Burp Suite, while doing we have faced the below issue for our application. issue description : "It was noted during the assessment that auto-complete feature was enabled on certain...
Hi, I have done a security testing in Burp Suite, while doing we have faced the below issue for our application. issue description : At Error page, Application returns stack trace and debugging information, which...
Page 1 of 88