Burp community forum

the client failed to negotiate a tls connection to xxx.xxx.xxxx:443: Remote host closed connection during handshake

Hi, When I use my local ip address to intercept data ,I'm getting the alert "the client failed to negotiate a tls connection to xxx.xxx.xxxx:443: Remote host closed connection during handshake" , But if I use the...

Last updated: Feb 21, 2020 02:12AM UTC | 1 Agent replies | 1 Community replies | How do I?

licensing free trial

Hello I activate my free trial license and had to reinstall before testing anything, could you please provide me with a new activation / license ? We are POCing the solution. Regards, Michael Gonin

Last updated: Feb 20, 2020 09:09PM UTC | 1 Agent replies | 1 Community replies | How do I?

Migrate Database Issue - Burp Enterprise

I am attempting to migrate the database and am receiving this error message: Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: Cannot find the user 'burp_agent', because it does not exist or you do not have...

Last updated: Feb 20, 2020 06:54PM UTC | 0 Agent replies | 0 Community replies | How do I?

Enterprise TLS Certificate untrusted

I have followed several other posts about importing trusted certs into a certificate store. I have "successfully" imported a certificate but the TLS Certificate untrusted finding continues to flag. How can I get this...

Last updated: Feb 20, 2020 04:18PM UTC | 1 Agent replies | 2 Community replies | How do I?

Second Order Testing | Burp Scanner

I'm trying to setup a session rule for Burp Scanner, is it possible to create a session/macro for the following scenario? Scenario: Webpage #1: POST Request http://example.com filename=payload Webpage #2:GET...

Last updated: Feb 20, 2020 03:31PM UTC | 3 Agent replies | 2 Community replies | How do I?

Activate a license key manually in the PortSwigger website

I have a license key from my colleague in William Hill, but can't download the Burp Suite Professional program because I don't have a license associated with my newly created account.

Last updated: Feb 20, 2020 03:06PM UTC | 1 Agent replies | 0 Community replies | How do I?

Is this a false positive? (sql / xpath injection)

Google brought me here. This previous post from 2015 seems similar to what I'm experiencing: https://forum.portswigger.net/thread/probable-bug-sql-injection-avoidable-false-positive-d1e55f31 Basically I have two...

Last updated: Feb 20, 2020 02:57PM UTC | 1 Agent replies | 0 Community replies | How do I?

To Delete the posts made by burp

Hi We are using Burp Enterprise version 1.7.37, I am giving POST request to add a user. Actually while doing active scan burp triggers multiple post requests with different attributes and multiple users are being added. My...

Last updated: Feb 20, 2020 10:40AM UTC | 1 Agent replies | 0 Community replies | How do I?

traffic Interception issues for vpn based applications

I have a licensed burp installed on my system. I am currently testing an IOS mobile app, the IOS mobile app works only when the vpn to my company network is established. My laptop is also on vpn connection. I have...

Last updated: Feb 20, 2020 10:02AM UTC | 2 Agent replies | 1 Community replies | How do I?

Burp Enterprise unattended install -- what is the administrator password?

When doing an unattended install from a response file generated by a previous install, e.g. `./burpsuite_enterprise_linux_v1_1_02.sh -q -varfile response.varfile`, what's the administrator password set to? The password from...

Last updated: Feb 19, 2020 07:47PM UTC | 3 Agent replies | 4 Community replies | How do I?

Integrate Burp Enterprise with Splunk

Hi, I was looking at integrating Burp Enterprise with Splunk. I see documentation on ActiveEvent, but the it doesn't look like it works with the enterprise version of Burp. I would like to pipe the scan results to splunk...

Last updated: Feb 19, 2020 02:50PM UTC | 1 Agent replies | 0 Community replies | How do I?

Use the jenkins plug-in with pipeline scripting

Hello, Is there a way to use the burp enterprise jenkins plug-in inside a groovy pipeline script. Something like (jenkins pipeline syntax follows): stage('Web scan') { steps { ...

Last updated: Feb 19, 2020 02:36PM UTC | 1 Agent replies | 0 Community replies | How do I?

NET::ERR_CERT_VALIDITY_TOO_LONG

Information ------------------------------------------------------------ Version : Burp 1.7.32 (Professional) Burp Proxy Server : Kali Linux Certificate : Android Device 7.0...

Last updated: Feb 19, 2020 02:33PM UTC | 6 Agent replies | 5 Community replies | How do I?

Audit a REST API

There's a way to audit a rest API with Burp enterprise using the swagger file like with OpenAPI Parser in Burp Pro?

Last updated: Feb 19, 2020 01:45PM UTC | 1 Agent replies | 0 Community replies | How do I?

Login on website Scan

I was trying out the website scan functionality and I entered the login credentials for a site. I then entered all the other data and started the crawl and audit. When it was on the Account\Login page it did not appear to...

Last updated: Feb 19, 2020 09:40AM UTC | 2 Agent replies | 1 Community replies | How do I?

Exploiting cross-site scripting to steal cookies

I inject javascript code to steal cookies but the online lab doesn't simulate another user who views blog comments after they are posted ... any idea why ? Known bug ? I don't use Burp Collaborator but a service hosted on...

Last updated: Feb 19, 2020 09:14AM UTC | 3 Agent replies | 2 Community replies | How do I?

Lab: Reflected XSS into HTML context with most tags and attributes blocked

Hi all. I'm working on solving lab "Reflected XSS into HTML context with most tags and attributes blocked". I get an alert and find a pare of tag / attribute but lab does not get marked as solved. My solution is:...

Last updated: Feb 18, 2020 03:27PM UTC | 6 Agent replies | 8 Community replies | How do I?

Can I use private Burp2 Collaborator Server deployment with Burp1.7 Professional?

Hi, We are doing gradual rollout of Burp2, upgrading from Burp1.7 (professional versions). At the moment, Burp Collaborator is Burp 1.7. Is Burp 2 Collaborator Server backward compatible, so Burp 1.7 can continue to...

Last updated: Feb 18, 2020 01:43PM UTC | 1 Agent replies | 0 Community replies | How do I?

Autocomplete/Autofill enabled

Hi, I have done a security testing in Burp Suite, while doing we have faced the below issue for our application. issue description : "It was noted during the assessment that auto-complete feature was enabled on certain...

Last updated: Feb 18, 2020 11:43AM UTC | 1 Agent replies | 0 Community replies | How do I?

Improper Error Handling

Hi, I have done a security testing in Burp Suite, while doing we have faced the below issue for our application. issue description : At Error page, Application returns stack trace and debugging information, which...

Last updated: Feb 18, 2020 11:06AM UTC | 1 Agent replies | 0 Community replies | How do I?

Page 1 of 88