How do I? - Page 143 - Burp Suite User Forum

Where did the mac edition go?

I can't seem to find the macOS version for the BurpSuite community edition. Please help.

LAB: Exploiting HTTP request smuggling to reveal front-end request rewriting

Hello, I have followed everything exactly as written in the tutorial and in the video. At the end of the video Michael Sommer says "the lab is solved", but it isn't and has to keep trying and trying for two minutes and...

Automated Scan and Auditing of REST API

Hi, We want to scan and audit our REST APIs (The endpoints we have needs to be provided with 2-4 headers) and invoke this scan using the native rest API. Is this possible? [because we did not find any way to configure any...

Burpsuite on Kali = blank window

Running kali rolling release 2021.4. When I start burpsuite either using the GUI or command line java -jar /usr/share/burpsuite/burpsuite.jar it starts, shows the startup window, and then goes to a blank window. Trying...

Lab: Username enumeration via response timing - ("X-Forwarded-For:" not working)

Hi, the "X-Forwarded-For:" header is not working, I tried to do lot of researches but no luck. Below are the request and response. Tried placing above and below connection still did not work. Please help, Thanks in...

Use NTLMv2 platform authentication with the Scanner?

Hi, I am targetting a website that uses NTLMv2. I have successfully configured the authentication in the project options (have also tried user options) and can browse the website fine - as well as use the repeater for...

Do not want to manually forward each request

Hi, I am trying to leverage Burp proxy to obtain the API calls in our custom web application. I have a series of automated tests that I would like to run while Burp is running to obtain a list of the POST APIs with their...

Exam Registration Issue: "You are not enrolled in any courses with current or upcoming exams."

Hi PortSwigger. I registered for the Burp Suite exam, i received the confirmation email for the exam purchase. I also created an account in examity as per portswigger instructions mentioned in the email that I received...

Blind SQLi using Time delays

Hi there! I was solving the lab where trackingID cookie is vulnerable to blind sql injection and one has to cause time delay of 10 secs. My question is this why do we have to concatenate our payload '|| (SELECT...

HTTP History no longer displays additional content when cleared

I'm new with Burp and trying to start a fresh list of HTTP History after each lab in web-security-academy.net. This way I'm not getting overwhelmed with data or mixing data with labs. However, once I select "Clear History"...

Getting started....which browser do people use?

I'm starting in the academy lessons. In previous labs using other sites. The built-in browser was used within burp. I have a copy of pro, on Mac w/chrome. Do people use the built-in browser with proxy on Mac or Chrome...

$9 exam offer

I see the $9 exam offer and want to take advantage of it. However, I am not ready to take the test just yet. How long is the $9 offer good for? Do I buy it now and take it when I am ready, or, if I buy it now, do I have to...

Web security Academy

Can anyone help me with the flow to go through all the topics of web security academy. Which topic to start with and to be followed.

Burp Suite Pro Trial License Not Receiving Up in Email

Hi, Recently I downloaded and installed Burp Suite Pro Trail but the email I gave at the time of downloading did not show any license key. Please assist

validate the vulnerabilities

I really want to exploit and see the vulnerability by myself if its really a vulnerability that is shown to me how do I exploit and see and validate what the Burp is telling me. It would help me to analyze the risk...

Request for support document

Hi Team, We have the licensed version for Burp Suite Professional. Please for your urgent support to provide the support document.

Active Scan by Method

Is there a way to run an active scan that doesnt make requests with specific methods: such as post, put, patch, to avoid creating junk data on the target site

Windows server 2016 install

Hi, I'm trying to install the latest version of Burp Suite Pro onto a Windows 2016 server. However, while it's unpacking the bundled version of Java, it hits an error. I have tried with multiple versions of Burp to see if...

Burp Community Repeater doesn't seem to Render full html pages, by design?

using latest BURP Community edition. I pushed a request to the repeater made some changes to the request send the request and get the response. the raw, and pretty print shows everything, yet when I render, it only...

my organization gives me burpsuite professional for working is it enough to attend the burp exam ?

Hi, i dont have any personal burp pro licence but my organization gives me burp pro for working. It is not purchased with my name, am i elgible for attending burp certification exam?