Burp Suite User Forum
Hi, in the Web Security Academy OAuth topic, "Leaking authorization codes and access tokens" section. It notes that using "state or nonce protection" does not necessarily prevent these attacks because an attacker can...
Hi, Does anyone know if there is a way to prevent the scanner from selecting specific elements on the page? My current problem is basically that the scanner currently ends up getting to a "delete account" button....
Hi, I have noticed that the scanner is unable to scan URLs and relevant functionality in a single page application. Is there a recommended way to get the best out of Single Page Application scans?
java version 11.0.12 in RHEL VERSION 8.4 (Ootpa) Installed successfully Burp suite community edition But not able to start from here with below command /opt/BurpSuiteCommunity/ java -jar...
I'm getting the following errors when attempting to use Burp to analyse web traffic. Any site that uses HSTS gets the following error: 1585841893062 Error Proxy The client failed to negotiate a TLS connection to...
To whom it may concern, My name is Toru Morokata and I work at Hitachi, Ltd. I am writing a post on behalf of Tomoya Suzuki. I'd like to ask about Burp Suite. A vulnerability named CVE-2021-3711 and CVE-2021-3712...
After modifying the cookie, I am not getting the Symfony internal server error. I am getting a blank screen in Response section. Also after replacing my session cookie with the malicious one created by me, my lab is not...
OK, I do not understand, because the lab's title said all elements/tags were blocked except custom; the script tag seemed not to be blocked somehow. Also, I understand that the custom tag was used (XSS) in the actual URL that...
Hi When I try to install BurpSuite Enterprise and at the install "AWS main CloudFormation template" I get errors for EksCluster, EFSMountTarget1a and EfsMountTarget1b. I have tried using the newly created burp_user and...
I would like to connect to embedded database and query the result. Or can you provide the steps to migrate embedded database to mysql database. I have seen the steps for migrating to oracle. But we would like to migrate to...
Hi, I am trying to access the PortSwigger labs. However, when I click the start button, it gives error, sorry for the inconvenience. Is there any fix for that?
Dears When I map my proxy to burp (127.0.0.1:8080) I am asked to enter my credentials with every page I opened in the browser, then after a couple of minutes, my AD account gets locked.
Hi, is it possible to use Burpsuite as a Global Proxy on a rooted Android Emulator? (possibly AVD in the Android Studio). I want to intercept the traffic of all applications and not only the browser. I can use HTTP Toolkit...
Dear Team, I'm facing the issue of "No more activation allowed for this license" from another user profile in same laptop. I want to use the same from another profile however, not allowing to activate the same. I have...
I'm a beginner. I tried to create a proof of concept using <script>alert(1)</script> in repeater and I viewed the same in web where the alert box didn't appear, but the mentioned script tag was present in the search box for...
Two questions 1. Can you specify a custom header on a Burp Enterprise scan? I need to supply a JWT in an authorization header before the app will even really respond and there is no direct login mechanism as it is a...
Hi all, I would like to Import to Sitemap extension in a headless mode - is there any way to do so out-of-the-box? Are there any other ways? My use-case is the following: 1. start Burp in headless mode 2. pass .zap...
Hi As the solution indicate: ``` Examine the change email function. Observe that there is an XSS vulnerability in the email parameter. ``` Is there any explanation on how we get that? Thanks.
Hi Support, I would like to know how much (in USD) does it cost to renew my current Burp Suite Pro license?
The RaspberryPi 4 Image on Offensive-Security doesn't come with BurpSuite. It looks like it isn't supported on ARM images. I was wondering if this is correct or am I missing something. I downloaded this image: Kali...
Your source for help and advice on all things Burp-related.