How do I? - Page 140 - Burp Suite User Forum

Setup BurpSuite Collaborator Issues

Just stood up a private collaborator server. went through a guide and got the service running now. Healthcheck fails and says <random>.collab.domain.com could not be resolved to an IP address. Ensure than an appropriate DNS...

Duo/MFA Authentication

With Zap I can do manual authentication: simply launch the browser, do my sites' crazy MFA routine, and get a session. Then I can hit scan. Burp for scans and spiders seems to want to handle the authentication "for me" in...

Burp Suite Pro (try for free) license

Hi Where can I find a license for burp Suite Pro (try for free)?

About commercial use of burp suite professional

※I'm using google translate I inquired by e-mail, but I did not receive a reply, so please let me ask you a question here. Is burp suite professional available for commercial use (diagnosis for web apps developed by my...

Automatically change Response to a specific body

Hi I want to change Response body of some requests automatically but I don't know how to do it. For example I have a request sent to example.com/api/hello where the response of request leads me to...

Lab: Web shell upload via obfuscated file extension

Hi team, When I followed the lab solution and changed the file parameter to "exploit.php%00.jpg", I get the 404 Bad Requests error. I was able to solve the lab by changing the filename parameter to...

XSS DOM Based

Burp has created DOM XSS issues with this description: Data is read from window.location.href and passed to $() via the following statements: var anchor = extractAnchor(window.location.href); var anchorMatch =...

How to Delivery Exploit in Burp and how it affects the certification?

I would like to show two labs: Reflected XSS into HTML context with all tags blocked except custom ones Reflected XSS with event handlers and href attributes blocked Both exactly same strategy but differents...

Skipping location in API definition because it is out of scope.

Hi BurpSuite Support, I am evaluating the API Scanning functionality in BurpSuite Enterprise edition and have paid particular attention to the following page and this forum but I cannot find a solution to a problem that I...

Update Authorization header in requests to Scanner/Repeater

Hi, TL;DR: Trying to update subsequent requests with updated session information after session times out (in scanner/repeater) - Basically won't have to re-login and rerun the requests. I've followed...

Activate license - Not Working

Hi support Team I have problem with active license key. When I active my license the response is There was a problem checking your license Please download your license key from your account and try again. For help...

Cant find "Take Exam" option on my portswigger account

I am following exam guide and it says this: "In order to take the exam, you will first need to log in to your PortSwigger user account. You will find a button labeled "Take exam", which you will be able to use to begin the...

How to automate sending hundreds of requests, each with slightly different request body?

As title says. Help will be appreciated.

Error

My Burp Suit was working normally and then once I closed and opened it again I get this message "No JVM could be found on your system Please define(Exe4j_Java_Home)" What could I do?? Help..

SSRF via OpenID dynamic client registration

Dear Portswigger support, I have hard times getting through the lab. this JSON sent to the /reg endpoint: POST /reg HTTP/1.1 Host: oauth-acf01f431f25df1fc07c2d3502f5009a.web-security-academy.net Content-Length:...

No more activations allowed for this license

Hi, I'm facing 'Failed to upload license: No more activations allowed for this license' error. I had installed license in my laptop earlier and had not used it for few days, now when i tried to login and use, it asked to put...

Determining software versions

Hi I'm using the Enterprise version. Can you tell me why the scanner does not detect versions software? For example, the version of the web server? Why doesn't CVE show? I know that for the Professional version, i can...

Burp Collaborator Server

Dear Team, Is there any particular URL/ip for burp collaborator server,so that i can give an access in our firewall from organization network.Please also let us know on which port and direction should we give access.

Remove Java JRE 1.9.0 on Burp Suite Enterprise Edition v2021.11

Tenable.sc scans picked up end of life for java jre 1.9.0: Path : /opt/burpsuite_enterprise Installed version : 1.9.0_4 Latest versions : 1.8.x / 1.11.x / 1.15.x Support dates : 2018-03-01 (end...

A post with HTML

Some text Some other text # Stuff ## Things ### Gubbins #### Bobbins