Burp Suite User Forum
Good morning, I've recently shifted my focus to mobile pentesting and started exploring new ways to utilize Burp Suite Pro, distinct from my previous web app pentesting practices. My current challenge revolves around...
Hi, how is everyone doing? I am writing this post because I am not being able to advance from the first step on this lab. I am using the server provided with the lab (not Collaborator, as I don't have the Professional...
Hello, I have been working on the CSRF Labs and I'm having problem with the following labs: - Lab #5: CSRF where token is tied to non-session cookie - Lab #6: CSRF where token is duplicated in cookie issues For Lab...
I have been working on this one for a while. Outside the corporate network and working from home, I have found the responses came back very slowly compared to some other similar labs I have run. Therefore, when I ran my...
when i open burp suite and intercept is off then browser is working.But when Disable or off burp suite then burp suite then browser cannot work.it shows The proxy server is refusing connections.
How i resrt all my labs and progress to solve them again ?
I have been trying to scan some of CTF challenges but whenever I try to use chrome in Burpsuit to scan, I get this message: "Error Unsupported or unrecognized SSL message" I've tried to import the CA certificate in...
I want to reset all learning and labs progress.
Hi, I want to enter several variables next to their data on my website, I seek to automate the process a little because there is a lot of data.
The application I am testing uses SSO login.microsoftonline.com. Once logged in, of course I can manually manage the token that appeared in my request history, but I would like this token to also be applied to the automatic...
I am currently conducting vulnerability assessment and penetration testing for an OTC platform that facilitates energy import and export. The platform caters to two types of users: 1) Admin and 2) DISCOM, a normal user. I...
I am getting "HTTP/2 stream error on 127.0.0.1:8080 - Flow-control limits exceeded" on opening any website running HTTPS. Tried in all the browsers, tried resetting the certificate, tried re-installing the burp suite, etc...
HI, from version 2024.1.1 of Burp Suite Professional I noticed that during Active scans the insert points are no longer limited to 30 as defined in the Active scans options and even if I try to modify this option the insert...
Dear support, I want to transfer my license to another device, but I get the following error during activation. Activation Failed no more activations allowed for this license What should I do? The license has been...
Hi, I am using the following request on the repeater on the authentication challenge (enumeration using timing response) : POST /login HTTP/1.1 Host:...
For subject Lab, payload %0d%0a is not working on HTTP 2.0, but its working for HTTP 1.1. Can you please explain this behavior.
Hi, Can you help me to scan PHP code in Burp Suite. I mean example: copy and paste PHP code from Github or Wordpress.org (plugin, theme) into Burp Suite. I used it to scan URL and send to intruder, repeater, and...
Hi,i use jar file to run burp. Can i keep stable and early adapter's version in the same computer? Will they cause any problem if i do so?
Hi, since linux is not supported by examinity, can I complete the identification process on a windows host, and the actual exam on a *different* linux based machine? Thanks in advance.
I have installed the professional Burp suite and when attempting to run it in headless mode (cmdline), I will get this error Failed to create Burp project: Fontconfig head is null, check your fonts or fonts...
Page 1 of 306
Your source for help and advice on all things Burp-related.