Burp Suite User Forum
I'm trying to practice sql injection lab. I don't know why this url mentioned in the lab "https://insecure-website.com/products?category=Gifts" is not opening. It is throwing this error "The requested URL was not found on...
I have been working on this one for a while. Outside the corporate network and working from home, I have found the responses came back very slowly compared to some other similar labs I have run. Therefore, when I ran my...
How can i intercept response and do manipulation on it?
OS: Windows 10 Pro I downloaded Burp Suite Community Edition. When I run the exe file, everything went fine but I couldn't locate the file to open Burp Suite. I tried uninstalling and re-installed it but still couldn't...
hi i have an error in my test it showing as squares can you help me
Hello everyone I 'm new here. Twitch showing me error code 5000 content not available. I tried several times but error didn't go. could suggest something so I can out from this problem.
I am trying to solve this lab(Exploiting HTTP request smuggling to perform web cache poisoning) But seems it is not working properly i tried as per video solution by Micheal sommer. Request:- POST / HTTP/1.1 Host:...
Hello, I've been trying to add the symbol "&" as part of a string in my POST request yet, I can't find out how. I tried backslash, "`", etc. I would truly appreciate it if you could help me out as soon as possible. Thank...
Hi I need to add a certain script on all pages containing a head tag. Basically replacing: <head> something something something With: <head> <script src="my/path"></script> something something ...
During the installation of Burp Suite Enterprise in On-Premise, the software indicates a default path where Burp Enterprise will be installed, in case of Linux path: / var / log / BurpSuiteEnterpriseEdition, in windows c: \...
Hi there, Burp Pro v2020.12.1. I have an application and I managed to make the headed crawler login properly. After the login credentials were entered the crawler needs to figure out it can supply *any* 2fa code in the...
I'm trying to schedule a scan with the Burp Enterprise graphql API, but it alwas returns an unexpected error. An example query would be: mutation Schedule { create_schedule_item(input: { site_id: "1", ...
Hello, Is there a way to use Burp PRO's REST API to scan all URLs in an existing sitemap? I noticed that the POST /scan request will initiate a Crawl & Audit task in Burp, but it will not take the sitemap as an...
I need to upgrade Java to the current version in Burpsuite Enterprise for security. I am using Burp Ent linux v2020_2. It is now using Java 9.0.4+11, which is not current. What is the procedure? What version of Java would...
Team, I have been using BurpSuite professional v2.1.07 in Windows 7 OS w/ Oracle JRE 8 for quite some time. (as part of automation we run BS from commadline by executing .jar file) Recently, I setup a new virtual...
Your JRE appears to be version 13.0.1 from oracle Corporation Burp has not been fully tested on this platform and you may experience problems. Please, help me how to use burp withour this error? Thanks.
Hello, I just discovered this awesome feature in the engagements tools. The only "problem" is How to add the discovered content to the main site map?? I checked the "Add discovered content to the suite site map" and...
I was trying to solve the labs to learn about the cors vulnerability. but for some reason, I cannot login to the webapp using the given details, weiner:peter
burp intruder's match/replace rule applies for FILE} but says invalid regex for {FILE}.
How can I exclude CSS files from being crawled and audited in Burp Suite Enterprise? The configuration settings are not as granular as in Burp Suite Pro. Thank you.
Page 1 of 150
Your source for help and advice on all things Burp-related.