How do I? - Page 120 - Burp Suite User Forum

Bruteforce authentication forms

Hello everyone! I test the scanner and scan http://webscantest.com/login.php This form has a simple password - admin / admin However, burp did not find this vulnerability (and other scanners easily find it) Why is...

Modify target from abc to xyz

Suppose I have abc.com and xyz.com both are different versions of a same application. And I want to run all the tests I did on abc.com on xyz.com, Is it possible in Burpsuite to just edit the url from abc to xyz and change...

hi I need a little bit help

hi, I want to place an automated order or place an order headlessly. I tried a lot but I am not able to figure it out it would be great if u help me.

Intercepting AVD-Emulated Android 11 Using Macbook Pro M1 Burp

Does anyone has any experience with this before? I cant seem to install the Burp certificate on the device since the Android 11, and the only Android version available in Mac is only for Android 11.. I know that this is not...

ProjectDiscovery vi Burp

Hi Team I have stupid question .I'm not smart person .If I will ask your Burp Team that way .Why is better to use.?? BURP Professional($$$) or all this software from ProjectDiscovery...

Instalation of Burp Suite

When I've been hasked to enter Licence Key I select the Licence Key file in the location the licence number appers in the window when i click next .... the number disapear and I stay in the same windows ... (like not a...

Run a BURP scan without error

After setting up a scan for a Fax portal, I'm getting prompted for credentials, even though I have defined these in the scan. When I input the same credentials when browsing the webpage to be scanned, I receive the error:...

Is it possible to configured Burp Enterprise to use a Burp Collaborator server?

One of my colleagues has asked if it it possible to configured Burp Enterprise to use our own Burp Collaborator server? I've had a quick poke around the scan and server settings, as well as your online documentation but...

BurpSuite Enterprise Edition + Docker Integration + C# REST.API PARSER

I am working with a team on the following stuff: - C# REST.API SCAN PARSER WHICH CREATES SCANS OF AN EXISTING SITE AND EXECUTES SCANS AND DISPLAYS THE REPORT WITH A JSON PARSER - Dockerfile including the installation of...

"Open browser" missing

I don't find the "open browser" under Proxy > Intercept https://ibb.co/jwrJCXh

run burp on openjdk 17

When I try to run burp Use this command java -jar -Xmx4g burpsuite_pro_v2021.10.2.jar Error To run Burp Suite using Java 17+, please supply the following JVM...

Where did the mac edition go?

I can't seem to find the macOS version for the BurpSuite community edition. Please help.

LAB: Exploiting HTTP request smuggling to reveal front-end request rewriting

Hello, I have followed everything exactly as written in the tutorial and in the video. At the end of the video Michael Sommer says "the lab is solved", but it isn't and has to keep trying and trying for two minutes and...

Automated Scan and Auditing of REST API

Hi, We want to scan and audit our REST APIs (The endpoints we have needs to be provided with 2-4 headers) and invoke this scan using the native rest API. Is this possible? [because we did not find any way to configure any...

Burpsuite on Kali = blank window

Running kali rolling release 2021.4. When I start burpsuite either using the GUI or command line java -jar /usr/share/burpsuite/burpsuite.jar it starts, shows the startup window, and then goes to a blank window. Trying...

Lab: Username enumeration via response timing - ("X-Forwarded-For:" not working)

Hi, the "X-Forwarded-For:" header is not working, I tried to do lot of researches but no luck. Below are the request and response. Tried placing above and below connection still did not work. Please help, Thanks in...

Use NTLMv2 platform authentication with the Scanner?

Hi, I am targetting a website that uses NTLMv2. I have successfully configured the authentication in the project options (have also tried user options) and can browse the website fine - as well as use the repeater for...

Do not want to manually forward each request

Hi, I am trying to leverage Burp proxy to obtain the API calls in our custom web application. I have a series of automated tests that I would like to run while Burp is running to obtain a list of the POST APIs with their...

Exam Registration Issue: "You are not enrolled in any courses with current or upcoming exams."

Hi PortSwigger. I registered for the Burp Suite exam, i received the confirmation email for the exam purchase. I also created an account in examity as per portswigger instructions mentioned in the email that I received...

Blind SQLi using Time delays

Hi there! I was solving the lab where trackingID cookie is vulnerable to blind sql injection and one has to cause time delay of 10 secs. My question is this why do we have to concatenate our payload '|| (SELECT...