Burp Suite User Forum

Need a small more insights on SQL injections post

Hello everyone, I was going through the SQL injection learning materials, and I didn't quite understand a sentence I need some explanation to understand, that sentence follows, "In some situations, an attacker can...

Last updated: Apr 04, 2020 05:06AM UTC | 1 Agent replies | 1 Community replies | How do I?

Cache poison labs - Responses not caching

Hello, I've been using the labs to practice cache poisoning. So far I've completed some of them, but since I tried the one that explotes DOM-based vulnerability, my requests made on burpsuite never receive a "X-Cache: hit"...

Last updated: Apr 04, 2020 01:12AM UTC | 0 Agent replies | 0 Community replies | How do I?

Intruder attack results

Hello, For a school project, i am using a Kali VM to perform a password attack on the login page of Damn Vulnerable Web Application (DVWA). Just focusing on obtaining the password of username admin, i use the Sniper...

Last updated: Apr 03, 2020 07:14PM UTC | 0 Agent replies | 0 Community replies | How do I?

Combine detected issues in a report

I ran an active scan and the issue activity does not contain all of the issue activities detected/reporting from the dashboard. Is there a way to combine the two into one report?

Last updated: Apr 03, 2020 03:50PM UTC | 0 Agent replies | 0 Community replies | How do I?

Activations Errors

Hello support, I have been working on getting Burp to run inside a docker container and ran into an issue stating the activations had been exceeded. There was a post on the internet stating there is a way to add the...

Last updated: Apr 03, 2020 03:43PM UTC | 0 Agent replies | 0 Community replies | How do I?

Architecture recommendation

Hello, I have to deploy BurpEnterprise with 10 to 20 agents for the moment on 1 machine. I have 2 questions : - Which sizing should I chose for the machine, you have reco for sizing for base and agents do I have to sum...

Last updated: Apr 03, 2020 02:55PM UTC | 0 Agent replies | 0 Community replies | How do I?

Burpsuite Stops to intercept requests if connected with anyconnect VPN tool

Hi, I am connected with a VPN (Cisco AnyConnect Secure Mobile Client v4.8.00175) I have put proxy in my android phone (Marshmallow) I can intercept all https requests when I am NOT connected to vpn BUT i am facing...

Last updated: Apr 03, 2020 01:59PM UTC | 1 Agent replies | 0 Community replies | How do I?

Add email recipient to POST configuration on REST API

Hello Support, When I performing a scan from Jenkins, by the REST API. There is no report functionality like "add email recipient". Normally in Burp Suite Enterprise, this is configured by site. But how I configure...

Last updated: Apr 03, 2020 01:51PM UTC | 1 Agent replies | 0 Community replies | How do I?

How can I optimized my audit

My project is stuck in "Identifying items to audit" for 13 hrs, heres some info: 5014 request 2575 locations crawled Configuration: Crawl strategy - more complete Audit checks - medium active Minimize false...

Last updated: Apr 03, 2020 09:04AM UTC | 1 Agent replies | 1 Community replies | How do I?

installation in kali linux

I can't install burp pro in kali linux, you could kindly tell me step by step how to proceed thanks

Last updated: Apr 03, 2020 08:44AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Enterprise: Failed to initialize database

Hi, I'm trying to install Burp Enterprise on an already configured database following the documentation here: https://portswigger.net/burp/documentation/enterprise/getting-started/installation#database-setup However,...

Last updated: Apr 03, 2020 08:04AM UTC | 5 Agent replies | 9 Community replies | How do I?

How do I test an application using Server-Sent Events?

How do I test an application using Server-Sent Events? I tried turning off 'Set "Connection close" on incoming requests in proxy options, but it seems like the streaming response data never gets into burp and never gets...

Last updated: Apr 03, 2020 07:41AM UTC | 2 Agent replies | 1 Community replies | How do I?

Error Proxy The client failed to negotiate a TLS connection to telemetry.dropbox.com:443: Received fatal alert: unknown_ca

I'm getting the follwing errors when attempting to use Burp to analyse web traffic. Any site that uses HSTS gets the following error: 1585841893062 Error Proxy The client failed to negotiate a TLS connection to...

Last updated: Apr 02, 2020 05:56PM UTC | 1 Agent replies | 0 Community replies | How do I?

DVWA not loading while using burp proxy

I am unable to access the DVWA website when the burp proxy is turned on (It is not showing 404 error but the DVWA website does not loads)? Why is that and what can I do about it ?

Last updated: Apr 02, 2020 05:49PM UTC | 1 Agent replies | 0 Community replies | How do I?

Download software

Hi, How can I download the software with my account? My colleauge has arranged the license for our company, but I don't have his login credentials.

Last updated: Apr 02, 2020 10:14AM UTC | 1 Agent replies | 0 Community replies | How do I?

Unable to download burp professional

HI team , I've burp pro product key ,i want to download and activate burp professional edition. could you please help me out?

Last updated: Apr 02, 2020 09:45AM UTC | 1 Agent replies | 1 Community replies | How do I?

Parameter handling

Hello there How are you? Would you be so kind to nudge me in the right direction; how can I make use of this feature: Quote: from...

Last updated: Apr 02, 2020 09:29AM UTC | 3 Agent replies | 2 Community replies | How do I?

Verify Authentication for Enterprise Edition

I expect to see authentication details in /var/log/BurpSuiteEnterpriseEdition/enterpriseAgentAccess.log - however, for my scans I do not see any details being populated for scans that I provide login details. Need to...

Last updated: Apr 02, 2020 08:29AM UTC | 2 Agent replies | 2 Community replies | How do I?

Lab: Reflected XSS into HTML context with most tags and attributes blocked

Hi all. I'm working on solving lab "Reflected XSS into HTML context with most tags and attributes blocked". I get an alert and find a pare of tag / attribute but lab does not get marked as solved. My solution is:...

Last updated: Apr 02, 2020 06:34AM UTC | 9 Agent replies | 13 Community replies | How do I?

SSL Burp certificate MacOS

Hi, I'm Lorenzo. I've followed the entire guide to install the CA certificate generated by Burp for Safari. https://portswigger.net/support/installing-burp-suites-ca-certificate-in-safari I've followed each step but it...

Last updated: Apr 01, 2020 09:54AM UTC | 3 Agent replies | 3 Community replies | How do I?

Page 1 of 95

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image