Burp Suite User Forum
Hi Looking for instructions on how to run a Web App pentest on a webiste if I have the username and password
Hi, I have the following request for a pen test: "To identify your traffic as being part of this program kindly add the following headers to your requests: X-SecurityTest-Platform: [bugbounty] X-SecurityTest-Ninja:...
Find the SQL injection in Damn Vulnerable Web App (DWVA) on the High difficulty? The value is entered into the popup window, which is invoked by clicking on the link with the popUp open javascript method. The result is...
Hello, I would like to know whether burpsuite_pro_v2020.2.jar uses chromium or chrome as a component, in order to evaluate whether this version of burpsuite is affected by the recent 2 remote arbitrary code execution 0day...
hi, i need to change email (quockhanhitdakia@gmail.com) to "danglong2829@gmail.com". Thanks. Have a nice day
hi, i need to change the name (quoc khanh) to "Dang Long". Thanks. Have a nice day
Hello, Since the addition of the inspector panel (btw, a very cool addition), I can't find a way to view the hex representation of requests and responses in the message editor. Can I have an explanation on how to do...
If the application is taking PDF then is it possible file upload functionality attack?
Does license for Burp Suite Pro, works on different OS (Windows, Linux, MacOS) or only for dedicated in license OS? I got a license for Burp Suite Pro with Windows installer and I wonder if I can use it on Kali Linux? If...
Hi, When opening Burp on my Dell 5510 it won't maximize and it shows tiny window&letters. What settings should I change to see Burp at normal size and not in miniature. Also, I am not able to install any new updates as...
I have tried to run the jar file using java -jar, but kali says: "warning an illegal reflective access operation has occurred. illegal reflective access by burp.gxr (file:/home/kali/...) to field...
I keep getting the same session cookie from the leak after refreshing the comment tab.. This is the request i used below ..Pls kindly reset the lab POST / HTTP/1.1 Host:...
Hi , I have been using the Burp Suite Enterprise Edition REST API. We have an idea to automate the scan using Jenkins Pipeline. Is there any API or possible way of accruing the SCAN ID by passing the projectname or...
Hello, After a scan, burp triggered a High issue : External service interaction (DNS). I tried to repeat manually the issue using Burp Collaborator but collaborator didn't intercept anything. Having a closer look at...
Is there a native feature or add-on which will compare the same request payload against two different scans? I know the comparer will do this but it's too granular and I am looking for a way to do this for a large number of...
I've been working on this for more days then I'd like to admit. Think I'm just about done but I can't get past this.. It's not able to bind on port 53/TCP Also I don't know where to see details of what the issue is.....
I'm currently attempting a lab in the "Authentication vulnerabilities" topic, and I am finding the knowledge we are expected to have on using burp suite is beyond the level someone is at if they follow the topic...
Hello I have a problem, I am trying to do a pentest to a web app that only allows me to connect through an unauthenticated corporate proxy. I set the upstream proxy to burp, but I still can't navigate when traffic is...
This vulnerability was generated by a response from and an F5. I am getting these quite often as more of the customers are using this technology. We have talked to their development team, and the Burp scanner is creating the...
I have been seeing posts with Burp having issues with SPA pages. We use .net and angularjs for the SPA, will Burp handle this? So far on my trial it has been unsuccessful and some what disappointed. Are there methods of...
Page 158 of 310
Your source for help and advice on all things Burp-related.