How do I? - Page 134 - Burp Suite User Forum

Change default port for Burp Enterprise after installation

Hi, I am evaluating Burp Enterprise and kept default port 8080 while installing. After a while, I installed some another application which runs on 8080. Now I am facing a port conflict issue in running Burp Enterprise. Can...

Find Uncompleted Academy Topics

Hi, Very tiny problem. I can tell from the % complete guide that I am 98% done with all topics. Problem is, search as I might, I can't find those missing last two percent. Is there an easy way to do this? I wish there...

Issue in solving Multistep Clickjacking

values , as the 'click me' div elements line up with the buttons that need to be clicked but it's still not getting solved. Below is the code. Please help me on this. <style> iframe { ...

IP spoofing

I want to send a request to a website but also i want to my real IP be hidden in other words can i change my real ip from tcp packets inside burp suite? *i tried VPN and sent a reqest to a webserver then in the response,...

Request a fully-featured trial of Burp Suite Enterprise Edition

Attempting to register for a trial license via URL https://portswigger.net/burp/enterprise/trial but not accepting my work email address, being prompted with "Please enter a valid business email address" Can you please...

Trial version of pro BURP

Hello. I'am going through academy and faced with trouble when I need to use pro version of burp to solve some modules. So I decided to try a trial free version of pro Burp but I don't understand how I can get it. Even try...

Is there a way to copy text that retains prettified formatting?

Burp recently introduced native support for the prettified view that automatically indents responses in formats such as json. However, if I select what's on the screen and copy it, I end up with the raw unformatted...

Application gives 500 internal server only when I use Burp

Hi , I am using burp for all my applications I am working on and it works totally fine. But for one single domain it returns a 500 internal server when I use burp , if I turn the proxy off then the application loads fine...

How can I install burpsuite in Docker container ?

hello everyone, I'm trying to install Burpsuite Pro version inside Docker image but after running `installer.sh` I get an Error about "libfreetype.so.6: cannot open shared object file: No such file or directory", also I...

HTTP smuggling

"HTTP smuggling" I have some difficulty understanding the purpose of this attack. If we can't use directly sql injection Can this attack allow us to use sql injection?

Use Burp via squid to connect to Citrix Netscaler Gateway

I'm conducting an external penetration test. I have several Cisco VPNs and a Citrix Netscaler Gateway VPN. I'm trying to configure Portsigger's Burp to connect to my testing platform (Digital Ocean Ubuntu box with Squid) and...

Interception of Citrix Netscaler traffic

I am testing an application that tunnels traffic through a Citrix NetScaler connection and so far have had no success in defeating certificate validation. Evidently, Citrix requires a certificate with the "serverAuth"...

Export Burpsuite issues to CSV

Hi, I'm using Burpsuite Pro and was wondering if there's a way to export the Burpsuite XML to CSV so it can be imported to Powerbi?

Decoder

Hello! In witch vulnerability can us use Decoder in burp suite?

Test Passwords without logging in

So, I am allowed to test the security at our school. Im currently trying to crack the passwords for our Internet. To login, you need a Username and a Password. These are both 3 Digits and randomly generated. Now to my...

LAB: DOM XSS in document.write sink using source location.search inside a select element

Dear, So far I'm absolutely loving the Academy labs. It really made me realize the importance of having a program like Burpsuite having your back during pentesting (i know how to use a proxy, but was not yet familiar with...

Reset an exercise

Hi team, could you help with resetting this completed lab for me please? Would like to have another attempt at it. Thanks.

Use PKI certs for login

When using the burp browser or using external browser when trying to connect to a site that uses PKI user certs for authentication I get the "No supported CertificateVerify signature algorithm for RSA key". I have installed...

Getting multiple URL's in burp collaborator client

First of all thank you guys for so much interactive content, loved it very much! The problem is that every time I try to copy an URL in burp collaborator client it gives different subdomain. Now in the option NUMBER TO...

Match and Replace

Hello I have a dynamic value from response "subscription_left":9963785} 9963785 is dynamic value, How can I replace it to my static value? via Match and Replace Thanks.