How do I? - Page 107 - Burp Suite User Forum

AWS API

Hi, I was wanting to integrate burp suite professional within aws to proxy a clients web application requests and was wondering what the best path would be in doing that. Would it be best to create an API for the http...

Does Burp Suite Support Decompression of QPACK Headers in HTTP 3?

Hi Foklks, Like the title says, I'm wondering if Burp Suite is able to decompress QPCK

Month Subscription

Why don't you charge $50.00 a month for a monthly subscription? The annual fee is too expensive for the vast majority of individual people.

Delete Account

Kindly delete my account...thank you.

how do i load requests that i have saved earlier from burp suite using "save item" option

i know it might sound noob question for many peoples but can you please tell how do i load requests that i have saved earlier from burp suite using "save item" option

Open browser does not work

I installed burp suite for the first time. I did not change anything. But when I go to proxy, intercept, make sure that intercept is on and click open browser, nothing happens for 20 seconds, then a blue google chrome icon...

Delete temporary files after scan using temporary project

Burp suite does not delete temporary files after the application is closed. Where is burp suite's temporary files directory after scanning? This makes my space less.

Active Scan

Is there a way to configure active scanning to avoid tampering with specified parameters? Such as viewstate or session cookies or other headers? I know this can be done with Intruder and am wondering if it can be...

TLS Certificate

I am doing a pentest on Web application that needs client certificate to access the website. How Can I add the certificate to Burpsuite to access the web application?

No more activation

"No more activation allowed" issue after disk format. Can I get support?

Intercept Response for JS files?(not working)

Hi Support, I m trying to intercept a server response providing a JS script for modification purposes. I went to Proxy/Options/Intercept Server Response and set it up like that: 1 Intercept Request was Intercepted 2...

Unable to use "adminusercreator" on 2022.07 - "resetAdministratorPassword" script doesn't exist.

Lost ability to log in using LDAP, and can't seem to find administrator password. Tried to use "adminusercreator" script. It connects to the DB, but fails with: ### Error querying database. Cause:...

looking for The Blog

How do I locate 'The Blog' page for sign in?

Fuzzing SQL i

I have a question on the intruder payload used for fuzzing SQLi. The payload has {base} in the prefix, example: {base}'#, {base} or 7=7#, and many others. I have never encountered {base} syntax for sqli payload before,...

Account Deletion or termination

Hi, We are ceasing operations and we like to delete or terminate our account. Pls cc carlo.husmillo@swapoolabs.com for your response. Thanks!

'Lab: Blind OS command injection with time delays' provided solution doesn't work

Neither the provided solution of the lab 'Lab: Blind OS command injection with time delays' (https://portswigger.net/web-security/os-command-injection/lab-blind-time-delays) nor any community solutions are working. The...

Delete account

Can I please delete the account that I created?

Combining web cache poisoning vulnerabilities and Web cache poisoning to exploit a DOM vulnerability via a cache with strict cacheability criteria

Helle :) I encountered the same problem in two different labs of cache poisoning. I try to set the Access-Control-allow-origin: * header on the exploit server (on both labs), in order to allow the file to be accessed...

Post Request input Reflected on another page.

Hello all, i send a post request with some data that returns ok in the response. The data are stored and can been seen in another page. Is there a way to automate the scanning for stored xss or make the burp active scanner...

Genymotion android emulator TLS error

I have already installed the cacert into system on my android emulator. when i open any app from, vimeo to instagram to facebook, i get "Error Proxy [204] The client failed to negotiate a TLS connection to...