How do I? - Page 157 - Burp Suite User Forum

Burp Enterprise deployment to Azure

Hi I have been following your tutorial guide to for deploying burp enterprise to azure. Everything appears to have deployed correctly. However I am stuck on the section for configuring connection security. Your guide says...

Having doubt

In many of the websites, if I enter invalid credentials and capture it with burpsuite the response shows the entire html source, in that if I add any script tag with alert it executed in some websites but not in all.Is this...

brupsuite installation

illegal-access

portswigger burp suite professional trial license

Hi How can I get portswigger burp suite professional trial license if I don't have organization email Thanks

"Errors:request timeout" audit status shown in multiple URLs for all web applications

Dear Team, I am getting "Errors:request timeout" audit status for multiple URLs while others are in scanning status which may end up as request timeout or done.Please help.

Install Burp Suite Enterprise on AWS

Hi There, I have a problem while I deploy Burp Suite on AWS cloud by follow this instruction https://portswigger.net/burp/documentation/enterprise/getting-started/cloud/deploy-aws. After I finished deploy IAM...

Web Security Academy (OAuth)

Hi, in the Web Security Academy OAuth topic, "Leaking authorization codes and access tokens" section. It notes that using "state or nonce protection" does not necessarily prevent these attacks because an attacker can...

Preventing scanner from selecting specific elements

Hi, Does anyone know if there is a way to prevent the scanner from selecting specific elements on the page? My current problem is basically that the scanner currently ends up getting to a "delete account" button....

Test Single page Apps (SPA)

Hi, I have noticed that the scanner is unable to scan URLs and relevant functionality in a single page application. Is there a recommended way to get the best out of Single Page Application scans?

How to Run Burpsuite RHEL8 LINUX Machine with GUI support

java version 11.0.12 in RHEL VERSION 8.4 (Ootpa) Installed successfully Burp suite community edition But not able to start from here with below command /opt/BurpSuiteCommunity/ java -jar...

Error Proxy The client failed to negotiate a TLS connection to telemetry.dropbox.com:443: Received fatal alert: unknown_ca

I'm getting the follwing errors when attempting to use Burp to analyse web traffic. Any site that uses HSTS gets the following error: 1585841893062 Error Proxy The client failed to negotiate a TLS connection to...

Inquiry about Burp Suite

To whom it may concern, My name is Toru Morokata and i work at Hitachi, Ltd. I am writing a post on behalf of Tomoya Suzuki. I'd like to ask about Burp Suite. A vulnerability named CVE-2021-3711 and CVE-2021-3712...

Lab: Exploiting PHP deserialization with a pre-built gadget chain

After modifying the cookie, I am not getting the Symfony internal server error. I am getting a blank screen in Response section. Also after replacing my session cookie with the malicious one created by me, my lab is not...

how do i understand how this work ?/ i do not understand how this payload work

ok i do not understand because at the lab's title said all elements/tags were blocked except custom the script tag seemed not to be blocked somehow also i understand that the custom tag was used (xss) in the actual url that...

BurpSuite Enterprise AWS installation

Hi When I try to install BurpSuite Enterprise and at the install "AWS main CloudFormation template" I get errors for EksCluster, EFSMountTarget1a and EfsMountTarget1b. I have tried using the newly created burp_user and...

connect to embedded database to query the scan results

I would like to connect to embedded database and query the result. Or can you provide the steps to migrate embedded database to mysql database. I have seen the steps for migrating to oracle. But we would like to migrate to...

Accessing portswigger labs gives error message

Hi I am trying to access the portswigger labs. However when I click the start button, it gives error, sorry for the inconvinience. Is there any fix for that?

credentials

Dears When I map my proxy to burp (127.0.0.1:8080) I am asked to enter my credentials with every page I opened in the browser, then after a couple of minutes, my AD account gets locked.

Global Proxy on Android Emulator

Hi, is it possible to use Burpsuite as a Global Proxy on a rooted Android Emulator? (possibly AVD in the Android Studio). I want to intercept the traffic of all applications and not only the browser. I can use HTTP Toolkit...

No more activation allowed for this license Error

Dear Team, I'm facing the issue of "No more activation allowed for this license" from another user profile in same laptop. I want to use the same from another profile however, not allowing to activate the same. I have...