How do I? - Page 104 - Burp Suite User Forum

HTTP/2 Request tunneling error

I was practicing http/2 equest tunneling lab, I checked HTTP/2 ALPN override option, in Project option -> HTTP block HTTP/2 Option was also checked, but under Inspector tab when I changed from HTTP/1.1 to HTTP/2 and added 1...

About Audit results Cross-site scripting (reflected)

I have detected reliable cross-site scripting in audit, but I need help because I have doubts about the correct results. The results indicate that the script is reflective. However, the content type is javascript, so...

how can I scan project in burp suite using commnd

I need to burp suite in automation how can I achieve that AS a QA I want scan project with one trigger . please help out in this .

Burp Suite Proxy with java application

Hi! I have java application that receive proxy settings. 1) I exported der certificate from Burp Suite 2) Imported this certificate to the java keystore with keytool: keytool -import -trustcacerts -file...

Cannot login with valid credentials

Hello Good day. I am using Burp Scan to check the web-page's vulnerabilities. With regards to the configurations during scan, although I set up valid useID and password in Application Login config, it looks like they...

Intercept .jar application with HTTPS traffic

Hi there How do I intercept java swing application with HTTPS traffic. Where do I import the .cer file generated from Burpsuite and how do I set the parameter to route the traffic to Burpsuite.

Crazy question about the Java JRE

In downloading BSP, I noticed that it also installs a Java Run Time. The question that is now popping up is IF BSP comes with a License for the JRE ? As we know, Oracle changed their licensing scheme for Java 8 and...

burp collaborator health check error

hi I'm using burp pro (v2022.8.2) I can access https://oastify.com/ and http://oastify.com/ Please check the error burp collaborator health check error Server HTTPS connection (trust enforced) Warning Server...

No more activations allowed for my license.

Hi Team, I had to reset my PC due some issue happened. I reinstall burp suite but cannot register the license anymore. Please help.

Burpsuite active scan changed my table's shape and data, is there any way to recover them?

I used burpsuite to do an active scan of my web application to find vulnerabilities. After the scan was done, one of my tables got messed up: ...

How many machines can use 1 Burp Pro license?

Hi Team, I need clarification for below questions. Iam willing to buy license for pro. 1) I have one laptop and one desktop. I would like to install pro licensed on the machines. Do i have to purchase two...

have a problem with "Lab: URL normalization"

Hi, In this lab I can not get the request to be cached and I get `X-cache: miss` on every request I send. when I use `pragma: x-get-cache-key` I can see that on every request I send there is a different origin header like...

Trial version of burp suit pro

Dear team, I want to see how burp suit pro work. For that purpose, I want a trial version of "Burp suit pro".

exclude static resources

Hello! How can I to construct a regex correctly to exclude files in Advantage Scope in "live audit scan"? For example, how can I to exclude static resources. I...

Testing ASP.net Anti-Forgery Token

We have implemented ASP.NET (4.7.2) anti-forgery token and have been testing it. When we modify the token in the post to the API through FireFox, we get a 400 bad request response. However, when we try to do the same thing...

license purchase

I have purchased a license, when will I be contacted?

"Lab: Blind SQL injection with conditional responses" syntax question

The following are given as examples about how to test for truth: TrackingId=xyz' AND (SELECT 'a' FROM users LIMIT 1)='a TrackingId=xyz' AND (SELECT 'a' FROM users WHERE username='administrator')='a TrackingId=xyz'...

I need to move my license

Hello Burp support folks, As per the other posts, can you help me deactivate my currently activated Pro license so that I can move it to a new system? I'll have to give you the details as it is listed under our org license...

Cookie tab is not showing!

hello! i have been experimenting on burpSuite and was trying to get access to cookies from a application being tested. However burpSuite isn't showing cookies on Proxy->Intercept tab. Any help is appreciated.

links in academy labs websites not working in firefox or embedded browser in burpsuite

I have the portswigger certificate installed in firefox. I have tried setting firefox browser settings to http 127.0.0.1 & port 8080. I have tried having burpsuite intercept both on and off but nothing seems to work. If I...