How do I? - Page 107 - Burp Suite User Forum

téléchargement de Burp Suit

Bonjour à tous, Je souhaite télécharger la version communautaire de Burp, avec l'architecture MacOs ARM, mais quand je clique sur le bouton vert "téléchargement", il ne se passe absolument rien, et aucun téléchargement...

Burp Interception does not work for localhost in Chrome

I can't intercept requests made by Chrome to my localhost site. - Local host site is running on IIS on http://127.0.0.3:80 - Burp proxy lister is default one on 127.0.0.1:8080 - Interception rules are default one as...

http smuggling

The first image in this tutorial(https://portswigger.net/web-security/request-smuggling) shows that we are sending two requests and the first one is with post methode and the second with post methode.I want to know if a...

Clickjacking Lab # 1

Hi, I aligned the "Test me" button to the div containing the "Delete Account" button perfectly, then stored and delivered the exploit to the victim, but the lab is not solved. Following is the code I used: <style> ...

Authentication bypass via encryption oracle lab

After right clicking on first byte, I am not finding any options for deleting specific number of bytes in decoder. I'me use the latest version of Burp pro. Thanks in advance for the answer.

Facing issues while setting up Burp Agents

Hi Team, I have procured burp suite enterprise trial license. I have one machine where burp enterprise server and agent is installed and on another machine one agent is installed. On burp suite enterprise web...

Why does Burp Suite Enterprise say "Pending License" after adding new agent server?

I just added a new agent server to be used by Burp Suite Enterprise V2021.6. I accepted the agent machine as a valid agent machine and then added one license to this the new machine. The problem is that the original machine...

The embedded browser has stopped passing traffic through burp, all site unreachable

Hi, For some reason the embedded browser has stopped being able to reach any sites. I don't see any traffic passing through the proxy. I did have the 'allow chrome to save settings' checkbox ticked and have unchecked...

How to uninstall the enterprise version of burpsuite

Hello, I just changed my laptop from Windows platform to MacBook. I want to install the community version of burp suite, but I mistakenly downloaded the enterprise version of burpsuite. My English is not good, so I didn't...

difference of intercepting the responses and then editing it with editing the website with inspect tool

Hi, 1-Imagine i entered to a website and then i used inspect tool to change some thing in the html or java script. 2-Imagine i'm using burp suite and then i'm intercepting HTTP responses and editing the response and...

A kind of Java Error!

when I command "burpsuite" in Terminal, it gives error as: To run Burp Suite using Java 17+, please supply the following JVM...

Request

Hello , I want to do something every (number) of requests , e.g. I want every 6 request to set the username parameter to " test " how should I do it ? - Burp suite pro version :) <----

Apprentice level courses

Hello, I was curious to know how many hours would you say it takes to complete the apprentice level course. Ball park figure. I know it is at your own pace, just to give me an idea if I decide to commit myself to...

SAML - Shib Workflow

Hi! I would like to use intruder to perform a brute force password attack on an Shibboleth IDP. But the problem I have is that they have strict workflow in order to allow that, which I am not able to reconstruct using...

How to crawl sites with complicated logins with Burp Pro v2022.2

I'm using Burp Pro v2022.2. Doesn't seem like there's a way to automatically crawl a website with complicated logins. Both options in Application login do not work. It uses basic auth. I have tried both "User login...

Export Scan Results from Burp Enterprise to Burp Professional

Is there a way to export scan results from Burp Enterprise and then import them into Burp Professional so I can re-test and do further analysis using Repeater, etc? Thanks

Start Burp suite as a different user on Windows 10

Hi all, for some penetration testing tasks I need to start the whole Burp suite as a different user (Windows 10) than the user from the license context. So it asks me to enter the license key again. Which doesn't work as...

Headless mode of the Proxy

Hi, I want to setup Burp in Headless mode in a way to observe the traffic which goes through it as a proxy. Is it possible to see all the requests as the way they can be seen in the Proxy -> HTTP History...

Private Collaborator server issue with DNS records

I am following https://portswigger.net/burp/documentation/collaborator/deploying#collaborator-configuration-file and appear to have everything configured correctly (DEBUG collaborator logs record HTTP and DNS requests) but...

Burp Collaborator client health check message.

Hi, I am trying to do some burp labs and the collaborator wasn't polling. I performed the health check of the collaborator and it gave this message towards the end. "The Collaborator server software is out of date. Some...