How do I? - Page 11 - Burp Suite User Forum

Help on No response received from remote server

When i do the post request of some sites, it shows No response received from remote server. I reinstalled the certificate and also trust from system.

New variable to BChecks

Hello hackers I would like to add "insertion_point_name" into issue description, but there is no such variable or something like that. And is it possible to make bold text in description? I try <b> [b] * but looks...

Pen Testing Point Of Sales Application

Hi Team, We are attempting to intercept the traffic in order to conduct penetration testing on POS applications such as Oracle Xstore and Samba POS. However, we are currently unable to capture the traffic. Could you...

Stop current webpage from appearing in HTTP History

Greetings. So I have a tendency to listen to music while working, and I do it using Soundcloud. But using it on my browser really messes up my HTTP History with unnecessary traffic shown. Sure I can open it in incognito...

Access to Labs

Hi, I can't Access the labs in portswigger. It takes me to a blog even I click the button and it won't load the lab. Please help.

BCheck Question

Hi, I am trying to write a bcheck that will simply repeat the request but only if the request contains a specific parameter, for example, if the request contains a parameter named "repeat" then I would need to repeat this...

Zscaler proxy

Hi, We have Zscaler proxy, I need support to understand how we can configure zscaler proxy settings in burp suite professional v2023.2.3. burp suite is not able to connect with internet.

Zscaler block issue

We have Zscaler proxy which is not allowing to send parameter change request though burpsuite on testing website and getting error 403 Forbidden (request blocked by zscaler). Is there any way i can send request from...

New Scan

Hello. Whenever I use Live Scan everything works perfectly. However, when I use New Scan, Burp Suite works for a few seconds and then populates the site map with a handful of urls. What am I doing wrong?

Help required for exporting certificate

Hi there, When I export cacert.cer from Burpsuite Pro, it shows Cloudflare, please advise. I thought it is supposed to be from portswigger. 0�0��Z؁{*�H��jɘ��6I' E0 0��1 0 UUS10U San Francisco10U Cloudflare,...

Burp Scan Finding Severity

Hello, I'm a bit confused regarding the severity of findings via Burp Scanner. Recently I ran a Scan on one of my domains and was able to find a bunch of findings however, most of them were of severity "information" as per...

How to change User-Agent send by Burp itself when connect via upstream proxy

When set upstream proxy server, burp will send the following request. (Not send by browser) Version 2020.9.2 ---begin--- CONNECT portswigger.net:443 HTTP/1.1 Host: portswigger.net:443 User-Agent: Mozilla/5.0...

Application Scan Version Number in Sites

When creating a site in Burp Enterprise, is there a way to next subsequent versions of that application under the same site, but with the version number differentiating the scans?

Reset Progress

Hi, could you please reset my progress, learning and labs, please. Thanks David

Burp Pro Log Files

Hello, I would like to know where exactly in Ubuntu can I find the logs for Burp Pro, what Im looking for is the requests and responses made during Burp Scan. I would like to know and retrieve if the Authentication was...

Uploading Video Community solutions

Hey team, I wanted to know how can someone upload a video solution for a lab?

Blind OS command injection Problem!

Hello, currently burpsuite scanner found a vulnerability on the website with the following characteristics Issue: OS command injection Severity: High Confidence: Certain Issue detail The login parameter appears to...

Web cache poisoning with multiple headers - How Do I Actually find these 2 headers to inject my arbitrary values?

I know from the hint the i need to use X-Forwarded-Host and X-Forwarded-Scheme headers but when i used Paraminer extension in Burp it only found x-Forwarded-Scheme header. I used default options : Extensions -> Param Miner...

Unable to get POST request through burp suite

I'm trying to get the request body for my POST request through burpsuite but i keep getting this GET /canonical.html HTTP/1.1 Host: detectportal.firefox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0)...

Keep getting ajax instead of the actual request

I keep getting GET /ajax/libs/noty/3.1.4/noty.css.map HTTP/2 Host: cdnjs.cloudflare.com Sec-Ch-Ua: "Not_A Brand";v="8", "Chromium";v="120" Sec-Ch-Ua-Mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)...