Burp Suite User Forum
I recently installed the Burp Enterprise Trial via cmd line on Ubuntu 20.04, but I am not seeing that I have the embedded agent as an option. Do I need to run an additional installer for the embedded agent?
I have to do access control stage 2 issue on version 7.1 of Webgoat now, and it says I need developer mode here, but I want to know how I can solve the problem by using Burp Suite without developer mode.
When there is a request to a specific URL, I want to change its response body. How can I do that? I checked the response modification part of the program and it seems that the match and replacement must all happen against...
Hello, How to scan/test Microservices Architecture-based attacks using burp suite. I would like to know if any scan settings will cover this part during the scan.
Hi! I'm facing an issue with burpsuite. The issue is after set proxy in Mozilla Firefox and in burpsuite the configuration is still not properly working. Then I thought browse embedded browser this is also not working said...
Can we intercept tcp/ ip protocol in burp?
Hi there, Does burpsuite have a way to do pre-test and post-test script like postman does? You can use pre-request scripts in Postman to execute JavaScript before a request runs. By including code in the Pre-request...
Hi, I am trying to learn Webapp scanning with Burpsuit, could you please suggest hot to start as i am completly new
Hi Team, i must scan a website that have a Apache HTTP based login popup. So when i open the target site an apache popup (with login and password) is opened. I try to use 3 methods to configure it on burp scanner. 1)...
As i browse through a target website with burp logging the requests there are directories and files that burp logs but doesn't request, how do i make burp automatically request every request it logs in the community version?...
Hi, I am trying to learn Webapp scanning with Burpsuit, could you please suggest hot to start as i am completly new
i did not see any activities running at burp when using native app. only web browser activities is shown in history
Hi all, I'm doing the following lab: - https://portswigger.net/web-security/deserialization/exploiting/lab-deserialization-arbitrary-object-injection-in-php And I have a question (Spoiler): to exploit the PHP...
Hello portswigger's team, I'm using Burp Suite Enterprise Edition v2021.3 (Linux). I've just configured SSO with LDAP. A group called 'Appl_Burp' was created in AD and also in BurpSuite Enterprise. A user that I will...
Hello, I am seeking help to prevent my Burp Extension from URL encoding a payload. This seems to happen automatically by Burp (I am sending the request from the extension using the non-urlencoded payload). I saw a Java...
i am reading the guide 'Installing Burp's CA Certificate in an Android Device' https://portswigger.net/support/installing-burp-suites-ca-certificate-in-an-android-device this website http://burpsuite does not...
We had an external pen test run and it showed a Host Header Injection issue. When I looked in your on the application I could not find that as one of the issues you scan for is this correct?
I am using the free edition of burp and when I do inspect a website using intercept Open Browser the website seems not to load and keeps loading and there are no content. Is there a reason for this or just because I am using...
Hi, I'm wondering if there's a way to specify which agent machine does the actual scanning when specifying a site to scan. We have some sites that are only accessible internally and some that are public facing. I am...
Traffic not flowing into burp suite from remote machine,however Traffic is flowing from local machine to burpsuite. Note- All the proxy are correctly configured stil traffic not flowing Can someone help here?
Page 163 of 311
Your source for help and advice on all things Burp-related.