How do I? - Burp Suite User Forum

trouble installing

Hello, Trying to run Burpsuite on Kali (Pi4b, Cortex-A72), running the latest Open-JDK and I keep running into issues. If I run the JAR i get: "invalid file (bad magic number): Exec format error" and if I run the...

Community version

Please advise can use the community version for my testing I've downloaded one but it it's not intercepting just wanted to see if I can use for my daily work and buy a full version later.

HTTP request smuggling, confirming a TE.CL vulnerability via differential responses

Hi I understood the principle of the lab and planned to test it. This lab environment should theoretically be TE.CL. First, I used this detection packet ...... Transfer-Encoding: chunked Content-Length:...

Intruder---xss playload add-ons

Hello this is Olek I would like ask about intruder scanner.If I scan some website looking for some xss.I have about 1000 payload. There is some add-ons for burp to check which payload suit for xss. for example <script>...

Lab: Information disclosure in version control history

Hi , https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-in-version-control-history I exhausted to find admin.conf(step 4) as solution indicate but can not make it. Can give a hint where is...

No load balancer seems to be created for BSEE CloudFormation

I am trying to set up BSEE via the instructions at https://portswigger.net/burp/documentation/enterprise/getting-started/cloud/deploy-aws. I have deployed the CloudFormation stacks, and they seem to have completed (according...

Admins, I didn't realize this was a public forum (thought it was chat with support team),

Admins, I didn't realize this was a public forum (thought it was chat with support team), can you please remove my email_id from the post?

Burp Enterprise from resource template

Hello, Having some problems deploying burp from the provided resource templates Setup the DB by hand per instructions and then execute the script. Afterward we get a bad gateway when hitting up against the...

How do I see milliseconds in request time?

Milliseconds doesn't exist in the request time format.

Having issue signing into the "Basic Clickjacking with CSRF token protection" lab

I'm unable to even start the lab (https://portswigger.net/web-security/clickjacking/lab-basic-csrf-protected). The provided credentials, carlos/montoya, do not work for me. Any ideas?

Burp intruder

Hi burp intruder start time add please. sample: - immediateyl - in *10* minutes - paused and add this option - start time ; (23:11:2020 22:00:15:654(millisecond)) The process will start at the specified...

How to trigger existing scan

HI need to trigger a existing scan using api. Nothing but how to rerun the scan.

Running passive checks without issuing new requests

I seem to remember that Burp used to be able (in the old 1.7 version) to apply all passive checks on the requests stored inside Burp. Is this still possible? I've tried right-clicking the in-scope hosts in the Target tab and...

Scanner Timed Out but Repeater Succeeds

I'm performing a scan of a specific page of an ASP.Net web application. From Logger++ I can see every request to the site and in the Comment column it states "Timed Out" and Status states "-1". But, if I take that request...

Install burpsuite professional

I have a valid licence.How do I install Burpsuite Professional

Authenticated Scan : Authorization header in every request used for SPA

Hi, I am stuck with authorization part for my application which uses "security token service" openid connect + oauth2. Application Working: 1)Login Page : Enter login credentials and click on submit button it will...

Burp Active Scan gives communication error

Hi,Burp Active Scan gives communication error but rest everything is running fine like intruder,Repeater , what is the issue then?

Lab#SQL injection attack, querying the database type and version on MySQL and Microsoft

Dear all, my question refers to https://portswigger.net/web-security/sql-injection/examining-the-database/lab-querying-database-version-mysql-microsoft. I already tried setting injectable parameter to following...

install burp pro in ubuntu

Hello sir/mam Iam Kannan.I will try to install.sh Linux File but that is not support in Ubuntu so pleas help me to install

BurpEnt custom inner DB port

Hi! We've purchased ent licences and already using software. We created wide spread install, including publications for outer (internet) agents to connect to grey LAN IP. But we cannot use default ports for connection and...