Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

HTTP Request Smuggling

I don't understand how the content-length of the smuggler request is calculated in the lab that works as te.cl in request smuggling Can you help me 15 where does it come from? (It accepts limits between 10-15, I get an...

Last updated: Feb 14, 2022 06:44PM UTC | 1 Agent replies | 2 Community replies | How do I?

Messages containing serialized objects are not flagged?

Hi! I'm currently working on the serialization labs. A tip on this page: https://portswigger.net/web-security/deserialization/exploiting says the following: "For users of Burp Suite Professional, Burp Scanner will...

Last updated: Feb 14, 2022 05:05PM UTC | 1 Agent replies | 1 Community replies | How do I?

HTTP Request Smuggling

Located at https://portswigger.net/web-security/request-smuggling/finding uri The request for "Confirming TE.CL vulnerabilities using differential responses" is given as "POST /search HTTP/1.1 Host:...

Last updated: Feb 14, 2022 01:54PM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp API does not include the all issues

Hello, I'm trying to scan testphp.vulnweb.com through the Burpsuite REST-API but I notice that the issues results in the API is 165 but in the UI is more than 300

Last updated: Feb 14, 2022 01:17PM UTC | 1 Agent replies | 0 Community replies | How do I?

Is that possible to create a Docker image of Burp Pro?

I am trying to create a docker image of Burp suite, two challenges showed up: 1. How to get a Burp Pro version and load the license in it without UI interaction? 2. I have some my own extensions as Jar files, how can I...

Last updated: Feb 14, 2022 01:10PM UTC | 9 Agent replies | 12 Community replies | How do I?

How do I run scans in headless using application login

I recorded a login and confirm it's able to do authenticated crawl and audit I'm a new scan with the UI. I'm trying to achieve an authenticated audit only of the crawled URLs in headless mode is this possible?

Last updated: Feb 14, 2022 11:39AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Suite not running on 1080 resolution

I don't know but the when i opened the burpsiute it seems little bit distorted , any solution ?

Last updated: Feb 14, 2022 10:02AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Suite wont run its browser

I am trying to do SQL lab 3 and when I open the browser it will not load the lab on the browser. Can anyone tell me what I'm doing wrong?

Last updated: Feb 14, 2022 10:00AM UTC | 1 Agent replies | 0 Community replies | How do I?

An error occured is coming while asking for response for the activation

Hey Team, I am using burp suite pro trial version and I am having its license key. When i try to enter the key and go for manual activation it asks for activation response. Then error message is coming that an error has...

Last updated: Feb 14, 2022 08:14AM UTC | 1 Agent replies | 1 Community replies | How do I?

How can I send request from a password reset post to forward to a different email

I am having issues with an old email that I registered on the website and it is impossible to have access to the email since the recovery key is linked to an old phone number which I had. I have formed the following Burp...

Last updated: Feb 13, 2022 11:16AM UTC | 0 Agent replies | 0 Community replies | How do I?

How do I run scans in headless using application login

I recorded a login and confirm it's able to do authenticated crawl and audit I'm a new scan with the UI. I'm trying to achieve an authenticated audit only of the crawled URLs in headless mode is this possible?

Last updated: Feb 12, 2022 06:23PM UTC | 0 Agent replies | 0 Community replies | How do I?

Crawler not populate certain URL to sitemap

Hi, I am using the Burp Pro, and noticed a weird behavior with Burp. In the Crawler logger, I saw that crawler sent requests to '/api/...', but that 'api' branch never get populate in the sitemap. The crawler is setup...

Last updated: Feb 11, 2022 09:42AM UTC | 1 Agent replies | 0 Community replies | How do I?

Viewing saved Intruder attacks (Burp Pro 2022.1.1)

When you close an attack window, it gives you an option to save it in the project file. However, I can see no way to pull up the 'saved' intruder entries after reloading the project. What's the trick?

Last updated: Feb 11, 2022 08:14AM UTC | 1 Agent replies | 0 Community replies | How do I?

&lt; auto decode to <

Hi Burp Team, If the response contains HTML special characters e.g (<>') with the HTML tags, they appear in encoded form. Example: ======== <h1>Profile of &lt;class &#39;type&#39;&gt;!</h1> Is there any way to...

Last updated: Feb 10, 2022 01:29PM UTC | 1 Agent replies | 0 Community replies | How do I?

REST API Scanning Using Burp Enterprise

Hi Team, APIs are not web apps where the crawler can be used to automatically discover various links, forms, sub directories and inputs fields. It's kind of point-and-shoot and it provides expected output for a given...

Last updated: Feb 10, 2022 09:50AM UTC | 3 Agent replies | 2 Community replies | How do I?

How do I intercept HTTP requests and responses using HMA Vpn with Burp Suite.

Greetings, Please guide me on How to intercept HTTP requests and responses with Burp Suite (Community) while HMA Vpn is on. Thank you in advance.

Last updated: Feb 10, 2022 07:36AM UTC | 1 Agent replies | 0 Community replies | How do I?

cookies session collaborator

Hi Team I would like ask about easy question.If I want intercept some cookies session how should looks like line with burp collaborator. ‘“><img src=x...

Last updated: Feb 09, 2022 07:40PM UTC | 3 Agent replies | 3 Community replies | How do I?

Lab Solution clarification

Lab: "Reflected XSS into HTML context with all tags blocked except custom ones" <a...

Last updated: Feb 09, 2022 02:41PM UTC | 2 Agent replies | 1 Community replies | How do I?

Lab: Username enumeration via account lock server timeout issue

I'm attempting to do this Lab, but whenever the requests reach the 400s, it keeps timing out for me, giving me a 504 error. I've tried breaking up the requests into 20, 25, and even 33/33/34 per attack, but when I do that, I...

Last updated: Feb 09, 2022 09:50AM UTC | 3 Agent replies | 3 Community replies | How do I?

Apply for a trial license

Attempting to apply for a trial license of enterprise edition, but not accepting my work email address, being prompted with "Please enter a valid business email address" Can you please assist. zhupeng@cathayjr.com Thank...

Last updated: Feb 09, 2022 08:56AM UTC | 1 Agent replies | 0 Community replies | How do I?

130 131
132
133 134

Page 132 of 332

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image