Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Web Security Academy || Finding and learning to make scripts like the labs

Hi All, During the learning path I notice that alot of good theory is explained about how and what a vulnerability is and how to recognize it. However, I find the practice of this very poorly explained. Just like the...

Last updated: Jan 20, 2022 01:39PM UTC | 1 Agent replies | 0 Community replies | How do I?

No more activation allowed for my license

I have uninstalled all existing versions and need to install in one new machine. I need help because i'm not allowed to activate license on new new machine.

Last updated: Jan 20, 2022 11:23AM UTC | 1 Agent replies | 1 Community replies | How do I?

...address these error messages when doing an audit and crawl?

1) Paused due to error: 10 consecutive audit items have failed 2) Discarding log entries as logger memory limit reached 3) Your system is running low on physical memory, yo may experience problems 4) [6] Communication...

Last updated: Jan 20, 2022 08:12AM UTC | 2 Agent replies | 1 Community replies | How do I?

Lab: 2FA bypass using a brute-force attack

Firstly, love all the labs you guys have, over 150 labs now, very impressive. Well done! For this lab "Lab: 2FA bypass using a brute-force attack", the solution is great, totally understand how it works etc. However,...

Last updated: Jan 19, 2022 10:53PM UTC | 7 Agent replies | 16 Community replies | How do I?

Firefox

I'm trying to install Burp's certificate to the latest version of Firefox (Windows), but once I try to import the certificate (which I got by proxying through Burp to http://burpsuite), I get the error message "This is not a...

Last updated: Jan 19, 2022 10:03PM UTC | 0 Agent replies | 3 Community replies | How do I?

How to install CA certificate in Rooted Android Phone

Hi, plz guide me how to install certificate in rooted android phone .I am using samsung j6 and android v10. I follow some tutorials but give me these errors i.e: 1)The client failed to negotiate a TLS connection to...

Last updated: Jan 19, 2022 06:37PM UTC | 1 Agent replies | 0 Community replies | How do I?

Cant intercept request in Android 7

So I've installed cert in system root device. i can see PortSwigger in System Trusted credentials. I've set proxy in burp suite with port 8080 and bind to address all interfaces. I've set proxy in my emulator with ip address...

Last updated: Jan 18, 2022 02:20PM UTC | 2 Agent replies | 1 Community replies | How do I?

call graphql api

Hi dear, I wanted to call graphql api, but I have a problem in my code, I use .net 6.0. When I called the api from PostMan everything's are OK, but when I call it from my code the response is 200, but I get this...

Last updated: Jan 18, 2022 09:45AM UTC | 2 Agent replies | 1 Community replies | How do I?

Address Agent Machine Pools in Graphql

Hi, Able to run scans with GraphQL no issues, but how to send a scan to a specific Agent Machine Pool in GraphQL? thanks

Last updated: Jan 17, 2022 06:30PM UTC | 1 Agent replies | 1 Community replies | How do I?

Integrating burp-suite to azure DevOps.

java -jar path/to/ci-driver.jar https://your-enterprise-server:8080 --api-key=secret --site-id=7 --min-severity=high --min-confidence=certain --report-file=scan-report.html --report-type=summary The batch script above...

Last updated: Jan 17, 2022 05:47PM UTC | 1 Agent replies | 0 Community replies | How do I?

Export response body from intruder

Hi, I want to export response body result from Intruder to separate files. I found an LFI and the content of each file is in the response body. I want to extract all of those files to their names, could it be possible...

Last updated: Jan 17, 2022 04:22PM UTC | 1 Agent replies | 1 Community replies | How do I?

Unable to download burp suit community Edition

Hi, I have tried to download burp suit community Edition several times, but once I click the download button, it just stops for hours without downloading it.

Last updated: Jan 17, 2022 03:20PM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp trial request - provide bussiness email

when i request free trial of burp pro it says that i have to enter a valid business email address - my email is my account email

Last updated: Jan 17, 2022 02:02PM UTC | 1 Agent replies | 0 Community replies | How do I?

Getting Started website instructions aren't working

The BurpSuite documentation web page https://portswigger.net/burp/documentation/desktop/getting-started/intercepting-http-traffic explains how to modify a request in Burp Proxy. The instructions say to open the embedded...

Last updated: Jan 17, 2022 11:47AM UTC | 3 Agent replies | 2 Community replies | How do I?

Changes in Requests

Hello, When I toggle off the interception in the proxy tab, does Burp Suite change anything in the request? And if it does, how can I stop it?

Last updated: Jan 17, 2022 11:25AM UTC | 1 Agent replies | 0 Community replies | How do I?

Copy a Cookie Value as a Request Header or Parameter

There doesn't seem to be a native way to do copy a value either stored in the cookie jar or during the http request in the cookie header to a request parameter or request header. I've seen quite a few web applications...

Last updated: Jan 17, 2022 11:08AM UTC | 1 Agent replies | 0 Community replies | How do I?

Analyize traffic of mobile application

I would like to analyze the traffic of existing applications. By configuring burp suite and the proxy for mobile testing I also get the traffic of the whole Android System. But I only want to have the traffic of the...

Last updated: Jan 17, 2022 09:59AM UTC | 2 Agent replies | 1 Community replies | How do I?

Intruder attacks

I want to insert 2 payloads in the web request in intruder. let the 1st payload be 60 passwords and the second payload contains 5 values only. I want to change the second payload after each 12 passwords in payload 1 but...

Last updated: Jan 17, 2022 09:50AM UTC | 1 Agent replies | 0 Community replies | How do I?

An issue in payload for the OOB SQL injection detection

Hi, In my recent penetration testing I discovered a few instances of Blind SQL Injection in a .NET application with a "Microsoft SQL Server 2000" back-end database system. I used the following payload for the OOB SQL...

Last updated: Jan 17, 2022 12:20AM UTC | 0 Agent replies | 2 Community replies | How do I?

Integrating burp-suite to azure DevOps.

java -jar path/to/ci-driver.jar https://your-enterprise-server:8080 --api-key=secret --site-id=7 --min-severity=high --min-confidence=certain --report-file=scan-report.html --report-type=summary The batch script above...

Last updated: Jan 16, 2022 06:32PM UTC | 0 Agent replies | 0 Community replies | How do I?

112 113
114
115 116

Page 114 of 311

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image