How do I? - Page 140 - Burp Suite User Forum

Post Reflected XSS

Hi, I'm able to modify a parameter in POST request (Using Burp Suite Repeater) and gets the alert in the browser when I "show response in browser". That means there is an issue with the input validation. When I tried to...

Samsung Galaxy S10 Mobile

Dear Team, Iam unable to intercept the request in the burp tool using Samsung Galaxy S10 mobile with Version 9. but i can intercept the request with other mobiles. My question is: Can we intercept the request with Galaxy...

Regarding to Proxy setting

Dear sir, I want to know how start Brup suite tool after porxy setting is done as 127.0.0.1 and port 8080. When I try to intercept on web-browser shows error and pop-up an error connection is not private. I have tried and...

Corrupt Files

I bought the Pro edition mainly for the crawl and audit feature with monthly scans, however I am working with the scans for this month and every time I open the file it is corrupted and has to be repaired. It's very...

Upgrading to 2021.6

I am looking at upgrading to 2021.6. Was curious if this is just an upgrade or does it cause a new for a complete install? Thanks

Enterprise edition Burpsuit deployment issue in AWS environment

Hi Team, We are trying to deploy the enterprise edition burpsuite version in our AWS environment.However, we are unable to deploy it since the existing cloudformation template is not able to create the load...

Send multiple requests at once to intuder to process one by one request

Hi Team, I have intercepted 4 important requests in the burp like, login, profile edit, forgot password, register page. Now I have 100 payloads to run for each parameter in all the four requests automatically instead...

Issue with Burpsuite license in VM

We have a VM in which I entered using my credentials and installed the burpsuite Pro license. But when my team logins with their credentials, the burpsuite is asking for the license activation again. Need your help in...

How do I use Burpsuite to scan the requests created during execution of TestCafe scripts

We are using TestCafe as our Automation testing tool and running its scripts to get security threats of web application. Since TestCafe use local IP address, port and session ID in the URL before actual application URL,...

error running web scan

Hello! I get an error when launching a web scan! error from the log 2021-07-26 10:15:27 [e] INFO - Exception report: 2021-07-26 10:15:27 [e] INFO - Category: COMMON_RUNTIME_FAILURE 2021-07-26 10:15:27 [e] INFO - ...

Cannot start embedded browser

Hello, I have really been enjoying Burp. However, since the last few updates, I cannot render responses. I run the emmbeded browser healthcheck and get this error: Unable to start browser: DevTools listening on...

Kali linux Raspberry pi Burp install error

I looked around the forums and I have not seen a fix yet, maybe I missed it. From what I did find, is that you need to be on 64 bit. Raspberry pi 4 specs: Broadcom BCM2711, Quad core Cortex-A72 (ARM v8) 64-bit SoC 8GB...

[SPOILER] "Lab: SSRF with whitelist-based input filter" explanation?

Hi! I do not understand why the payload "http://localhost%2523@stock.weliketoshop.net/admin/delete?username=carlos" works in this lab. I think I understand this part: The filter only URL decodes a single time, which...

make burp intruder follow redirects (302) ?

I know that it is possible to make repeater follow redirects. But is it possible to make intruder follow redirects?

Scanner errors

I use Burp Suite Enterprise for scanning our web applications. Of let scheduled scans have been failing to run. Below are the errors that app is returning: #Failed to despatch scan to New agent1. #10 consecutive audit...

xss

i dont know how to make different payloads for different labs like i am not able to figure out which payload will work where. i just want some guaidance so can you help me?

Burp Infiltrator and .net 4

I am trying to install the infiltrator on web server that has .net 4 framework. When installing it keeps saying that it cannot install the .net 3.5. Is the infiltrator able to run on version 4? When building the...

How do i scan GUI test which runs on google chrome.

We are trying to scan the GUI tests using burp suite, but the chrome which is triggered does not have burp extension. Kindly guide us on how we can trigger a google chrome with burp extension in automated way.

How to proceed with API testing using burp suite community version

Please send me documentation link using which I can proceed with API testing in community version. I have to test Get requests.

Modifying Burp EE CloudFormation templates to expose REST API outside the VPC

I am trying to use the official Burp EE CloudFormation templates (https://portswigger.net/burp/documentation/enterprise/getting-started/cloud/deploy-aws) to install Burp EE on my AWS account. The problem is, these...