Burp Suite User Forum

Login to post

retrieval of hidden data

I'm trying to practice sql injection lab. I don't know why this url mentioned in the lab "https://insecure-website.com/products?category=Gifts" is not opening. It is throwing this error "The requested URL was not found on...

Last updated: Jan 17, 2021 05:23PM UTC | 0 Agent replies | 0 Community replies | How do I?

Lab: 2FA bypass using a brute-force attack

I have been working on this one for a while. Outside the corporate network and working from home, I have found the responses came back very slowly compared to some other similar labs I have run. Therefore, when I ran my...

Last updated: Jan 17, 2021 05:20PM UTC | 9 Agent replies | 21 Community replies | How do I?

Response manipulation

How can i intercept response and do manipulation on it?

Last updated: Jan 17, 2021 12:12PM UTC | 0 Agent replies | 0 Community replies | How do I?

Not able to locate the file

OS: Windows 10 Pro I downloaded Burp Suite Community Edition. When I run the exe file, everything went fine but I couldn't locate the file to open Burp Suite. I tried uninstalling and re-installed it but still couldn't...

Last updated: Jan 17, 2021 09:37AM UTC | 0 Agent replies | 0 Community replies | How do I?

error in text

hi i have an error in my test it showing as squares can you help me

Last updated: Jan 16, 2021 09:36PM UTC | 0 Agent replies | 1 Community replies | How do I?

getting twitch error code

Hello everyone I 'm new here. Twitch showing me error code 5000 content not available. I tried several times but error didn't go. could suggest something so I can out from this problem.

Last updated: Jan 16, 2021 05:45PM UTC | 1 Agent replies | 2 Community replies | How do I?

Lab Not Working Properly

I am trying to solve this lab(Exploiting HTTP request smuggling to perform web cache poisoning) But seems it is not working properly i tried as per video solution by Micheal sommer. Request:- POST / HTTP/1.1 Host:...

Last updated: Jan 16, 2021 08:36AM UTC | 3 Agent replies | 4 Community replies | How do I?

Allowing the symbol "&" to be part of a string, instead of being something else

Hello, I've been trying to add the symbol "&" as part of a string in my POST request yet, I can't find out how. I tried backslash, "`", etc. I would truly appreciate it if you could help me out as soon as possible. Thank...

Last updated: Jan 15, 2021 04:48PM UTC | 2 Agent replies | 8 Community replies | How do I?

Use Match and Replace to add a script to the head on certain pages / domains?

Hi I need to add a certain script on all pages containing a head tag. Basically replacing: <head> something something something With: <head> <script src="my/path"></script> something something ...

Last updated: Jan 15, 2021 04:48PM UTC | 3 Agent replies | 3 Community replies | How do I?

installation path in azure

During the installation of Burp Suite Enterprise in On-Premise, the software indicates a default path where Burp Enterprise will be installed, in case of Linux path: / var / log / BurpSuiteEnterpriseEdition, in windows c: \...

Last updated: Jan 15, 2021 02:06PM UTC | 1 Agent replies | 1 Community replies | How do I?

Crawler not crawling thorough enough

Hi there, Burp Pro v2020.12.1. I have an application and I managed to make the headed crawler login properly. After the login credentials were entered the crawler needs to figure out it can supply *any* 2fa code in the...

Last updated: Jan 15, 2021 01:56PM UTC | 2 Agent replies | 2 Community replies | How do I?

Schedule a scan with the Burp Enterprise graphql API

I'm trying to schedule a scan with the Burp Enterprise graphql API, but it alwas returns an unexpected error. An example query would be: mutation Schedule { create_schedule_item(input: { site_id: "1", ...

Last updated: Jan 15, 2021 01:13PM UTC | 5 Agent replies | 4 Community replies | How do I?

Burp REST API scanning

Hello, Is there a way to use Burp PRO's REST API to scan all URLs in an existing sitemap? I noticed that the POST /scan request will initiate a Crawl & Audit task in Burp, but it will not take the sitemap as an...

Last updated: Jan 15, 2021 09:28AM UTC | 5 Agent replies | 4 Community replies | How do I?

Upgrade Java to current version in Burpsuite Enterprise

I need to upgrade Java to the current version in Burpsuite Enterprise for security. I am using Burp Ent linux v2020_2. It is now using Java 9.0.4+11, which is not current. What is the procedure? What version of Java would...

Last updated: Jan 15, 2021 08:32AM UTC | 2 Agent replies | 1 Community replies | How do I?

Supported/Recomended version of JRE with Burpsuite professional 2.1.07 and latest

Team, I have been using BurpSuite professional v2.1.07 in Windows 7 OS w/ Oracle JRE 8 for quite some time. (as part of automation we run BS from commadline by executing .jar file) Recently, I setup a new virtual...

Last updated: Jan 15, 2021 06:22AM UTC | 3 Agent replies | 3 Community replies | How do I?

JRE Warning

Your JRE appears to be version 13.0.1 from oracle Corporation Burp has not been fully tested on this platform and you may experience problems. Please, help me how to use burp withour this error? Thanks.

Last updated: Jan 15, 2021 06:15AM UTC | 4 Agent replies | 5 Community replies | How do I?

Engagement tools > Content discovery to site map

Hello, I just discovered this awesome feature in the engagements tools. The only "problem" is How to add the discovered content to the main site map?? I checked the "Add discovered content to the suite site map" and...

Last updated: Jan 14, 2021 02:23PM UTC | 1 Agent replies | 0 Community replies | How do I?

I cannot login using the credentials, weiner:peter

I was trying to solve the labs to learn about the cors vulnerability. but for some reason, I cannot login to the webapp using the given details, weiner:peter

Last updated: Jan 14, 2021 01:52PM UTC | 1 Agent replies | 0 Community replies | How do I?

burp intruder match/replace invalid regex

burp intruder's match/replace rule applies for FILE} but says invalid regex for {FILE}.

Last updated: Jan 14, 2021 11:13AM UTC | 1 Agent replies | 0 Community replies | How do I?

Exclude CSS Files [Burp Suite Enterprise]

How can I exclude CSS files from being crawled and audited in Burp Suite Enterprise? The configuration settings are not as granular as in Burp Suite Pro. Thank you.

Last updated: Jan 14, 2021 11:13AM UTC | 1 Agent replies | 0 Community replies | How do I?

Page 1 of 150

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image