How do I? - Page 147 - Burp Suite User Forum

Deleted account unknowingly in basic clickjacking with CSRF token protection

Hi, I deleted the account provided while solving the lab. Its, been more than a hour yet it doesn't get reset for me please help me..!(wiener:peter this was the credential)

not getting the validation link

While changing the email id, not getting the validation link on my updated mail. Please help me here

Lab: Password reset poisoning via dangling markup

Hello, In the lab on #5 for the solution after I Send the POST /forgot-password request to Burp Repeater and try to add an arbitrary, non-numeric port to the Host header I get an error. I've followed the solution and...

License Activation Error. Maximum activation allowed

Hello Burp Team I recently changed my laptop so i did another activation. I also had one in my personal machine and another one in the machine i used for jobs. I tried to activate my license in a windows virtual machine...

GraphQL queries to get all issues of the lastest successful scan on a site

Hi! I'm trying to use the new GraphQL API to pull issue data from scans performed by Burp Enterprise. I want to correlate issues to a Site via the latest scan performed on the Site. Through experience in the API, I've...

Teaching license

Hi there, I am teaching ethical hacking in https://heig-vd.ch/en. Among other tools, we are using the free edition of Burp. As we have acquired 3 user licenses of the Pro edition for other activities in my research group, I...

How do I get a latest scan from the list of scans for a specific site?

I'm using the following query to get the list of scans associated with a site. It returns me list of scans associated with the specific site. But how do I get the latest scan out of it? query getScans($site_id : ID!) { ...

Account and data deletion request

Hello, Please delete my account along with any & all data that you have stored, thank you. Sincerely, ~JR

problems with this lab

The lab is CSRF vulnerability with no defenses Every time I go to the Exploit server, I post the exploit into the box, press "Store" then press "View exploit" and I get "Server Error: Gateway Timeout (0)". I've followed...

Burp Suite Certificate Not Working

Hi, The android version I am using is 10. Proxy setting from the phone I save the certificate with the .cer extension from http://burp. I then wrap up on importing. We can simply buy burp from the browser after use, we are...

Reflected -xss Burp sleep dno not see it.

hi TEAM May I know why Burp do not see my manual reflected xss on some website.I thought Burp should support my. I put him passive scan and nothing he do not see this xss and do not illuminate it. What I'm doing...

match and replace

Is it fashionable to use variables or random values for match and replace?

Is there a good write-up on using intercept vs proxy?

Before I ever used Burp Suite, I installed Foxy Proxy and had no trouble seeing the HTTP history. I'm using the Community Edition on VirtualBox Kali. Then I watch a great Burp video (How to intercept HTTP requests and...

Scan is not Enumerating Subdirectories

Hello, I am attempting to scan my testing environment with the Burp Scanner. Unfortunately, even after using Burp Navigation Recorder and supplying login credentials to the scan, it does not make it past the login page. I...

what is the positive or false positive? Or do you need to fix the problem? I hope you answer me please.(Cookie manipulation (DOM-based)

Issue detail The application may be vulnerable to DOM-based cookie manipulation. Data is read from location.href and passed to document.cookie. Issue background DOM-based vulnerabilities arise when a client-side script...