How do I? - Page 130 - Burp Suite User Forum

How to uninstall the enterprise version of burpsuite

Hello, I just changed my laptop from Windows platform to MacBook. I want to install the community version of burp suite, but I mistakenly downloaded the enterprise version of burpsuite. My English is not good, so I didn't...

difference of intercepting the responses and then editing it with editing the website with inspect tool

Hi, 1-Imagine i entered to a website and then i used inspect tool to change some thing in the html or java script. 2-Imagine i'm using burp suite and then i'm intercepting HTTP responses and editing the response and...

A kind of Java Error!

when I command "burpsuite" in Terminal, it gives error as: To run Burp Suite using Java 17+, please supply the following JVM...

Request

Hello , I want to do something every (number) of requests , e.g. I want every 6 request to set the username parameter to " test " how should I do it ? - Burp suite pro version :) <----

Apprentice level courses

Hello, I was curious to know how many hours would you say it takes to complete the apprentice level course. Ball park figure. I know it is at your own pace, just to give me an idea if I decide to commit myself to...

SAML - Shib Workflow

Hi! I would like to use intruder to perform a brute force password attack on an Shibboleth IDP. But the problem I have is that they have strict workflow in order to allow that, which I am not able to reconstruct using...

How to crawl sites with complicated logins with Burp Pro v2022.2

I'm using Burp Pro v2022.2. Doesn't seem like there's a way to automatically crawl a website with complicated logins. Both options in Application login do not work. It uses basic auth. I have tried both "User login...

Export Scan Results from Burp Enterprise to Burp Professional

Is there a way to export scan results from Burp Enterprise and then import them into Burp Professional so I can re-test and do further analysis using Repeater, etc? Thanks

Start Burp suite as a different user on Windows 10

Hi all, for some penetration testing tasks I need to start the whole Burp suite as a different user (Windows 10) than the user from the license context. So it asks me to enter the license key again. Which doesn't work as...

Headless mode of the Proxy

Hi, I want to setup Burp in Headless mode in a way to observe the traffic which goes through it as a proxy. Is it possible to see all the requests as the way they can be seen in the Proxy -> HTTP History...

Private Collaborator server issue with DNS records

I am following https://portswigger.net/burp/documentation/collaborator/deploying#collaborator-configuration-file and appear to have everything configured correctly (DEBUG collaborator logs record HTTP and DNS requests) but...

Burp Collaborator client health check message.

Hi, I am trying to do some burp labs and the collaborator wasn't polling. I performed the health check of the collaborator and it gave this message towards the end. "The Collaborator server software is out of date. Some...

Testing The Rule

I read this tutorial:https://portswigger.net/support/using-burp-suites-session-handling-rules-with-anti-csrf-tokens But i have a problem to do this: Testing The Rule We can use Burp Intruder to test our...

There is no Burpsuite Community for Raspberry pi 4

Hi, I am currently using Raspberry Pi 4. With 8GB of Ram. And running a 64bit of Raspbian Debian or Ubuntu or Kali linux Operating system. There seems that there is no support with Burpsuite Community (or all...

Burp scan paused due to error

Hi team, I am running a crawl and audit using Burp suite pro and the scan would run for a few minutes, from Flow I was able to see over 40 urls and most with 200 response, then the scan would pause and fail, the error...

Can't seem to get the project to load with scanner unpaused with Burp2 or Pro v2022.2

I'm using Burp Pro v2022.2. I'm trying to get burp to run from command with the unpause argument, but it keeps opening as pause. I'm the following command: java -jar -Xmx4g Djava.awt.headless=true...

CSRF

I have a question about some webapplications that for changing passwords of users need to users enter their old password: If a webapplication requier old password of users is it possible to reset a victim's pasword through...

some questions about using burp suite professional

Hello. I have some questions about using burp suite professional . My questions : 1)How to fix high memory usage of Burp suite professional ? It uses decent memory and computer freezes while Burp suite is working. I have...

Not able to replay recorded login sequence for my site.

When I replay the recorded sequence it just sticks on the page loading and does not go forward. In the browser console it gives me following error: ``` workbox-window.js:208 workbox DOMException: Failed to register a...

I cannot login using the credentials, weiner:peter

I was trying to solve the labs. but for some reason, I cannot login to the webapp using the given details, weiner:peter