How do I? - Burp Suite User Forum

Lab: Reflected XSS protected by very strict CSP, with dangling markup attack

I can't complete the lab. After I "Deliver the exploit" to victim, I get nothing in the Collaborator. No response at all. I follow everything it says in the solution, I tried several videos with people doing it, but nothing...

how to slove this problam

This is your server. You can use the form below to save an exploit, and send it to the victim. Please note that the victim uses Google Chrome. When you test your exploit against yourself, we recommend using Burp's Browser...

Possible error in 'Lab: Basic clickjacking with CSRF token protection'

Despite I inputted the URL of the account page of the dangerous delete button, the log in page is displayed in the exploit server instead of the page containing the dangerous delete button

CSRF where token validation depends on request method

Hi, I have a problem with solving CSRF where token validation depends on request method in Burp professional version. This is my code from exploit server aned I have changed email in the code.Do you have more information...

Perform Active Scan With Checksum

Hello, I am working with an API that uses a checksum calculated based on all the parameters and values in the request. How can I run an active scan on this API? Is there a way to run a script before or after the request,...

Basic questions about the exam

Hi, If I fail the exam, do I have to pay the fee again in order to take another attempt ? Also, how frequently are exams held, and how long in advance should I register ? Best regards, sssss

Licenses

Can I install burp suite pro on two machines with one license? I'd like to install pro on my main PC and use that when I'm home, and then have it on my laptop when I travel. I wouldn't be using the license simultaneously.

Request to reset progress

I want to reset all my lab progress.

How to reset my password to a custom password

If i give reset password, i am getting an email and it gives a passwords. Can i change password to something i can remember?

Extract all fields, list values once.

I would like to extract values from the proxy logger and list each occurrence once. For example I have many different targets with different values in the X-Powered-By header. I want to know which unique values exists in the...

Burp browser error

Привіт. При відкритті браузера через програму вискакує помилка в якій пише:не являэться програмою Win32 як можна виправити дану помилку?

can't solve lab 'Exploiting time-sensitive vulnerabilities' - invalid token

Even i get the same milisecond results for both requests. The token still invalid for carlos user. I tried replace the latest phpsessionID, and csrf still cant get a valid token.

Reset all my labs and progress

How i resrt all my labs and progress to solve them again ?

Manual activation failed while activating the burpsuite Pro

Hi, I'm having a valid license till end of this year, but burp license got removed automatically from burp pro and unable to reactivate it. The error showing Activation Failed.

problem

when i solve lab it not update it solved , mean lab remain not solved but i solve

Error in Lab: Reflected XSS protected by very strict CSP, with dangling markup attack

Cuando intento resolver el lab enviando la carga util al usuario victima desde el servidor de exploit, no intercepta ni me llega nada a mi burp collaborator, lo he estado intentando toda la tarde pero no pudé conseguir algo...

Unable to open saved burp suite log file

I tried to open a saved burp project, but it says the project the file is corrupted, I have to repair it. After repair I was able to open the file but it appears to be an empty file.

No more activation allowed

Hello, After clearing the license from a BurpSuite Pro installation, I tried to use my license on a different installation and I got "no more activation allowed for this license" message. I thought clearing the license...

Use camera in chromium

Hi, I am testing an app that requires interaction with the web camera. This seems to be disabled in chromium (possible via launch flags). How can I re-enable normal camera functionality instead of the fake...

Montaya APi - How do I update my views fonts?

I would like to make my extension aware of the current font type & size. In a suite tab I use the following code: ```java @Override public void updateUI() { . . . ``` In said block I set the current font...