How do I? - Page 169 - Burp Suite User Forum

Lab: Exploiting HTTP request smuggling to perform web cache deception (Solution incorrect)

The solution for Lab: Exploiting HTTP request smuggling to perform web cache deception is INCORRECT. The Lab appears to be updated and is not using the /apiKey function anymore. Instead it is replaced with /my-account...

reproducing the defects

as pen tester after finishing the test with some defects, the developers or the QA asking you to support for reproducing the defects so please 1 what is the solation we can provide as pen tester to let them(dev,QA)...

Why i can't intercept for HTTPS website even just Installed Burp's CA Certificate at my Android device ?

Why i can't intercept for HTTPS website even just Installed Burp's CA Certificate at my Android device ? Iam using genymotion emulator for created "Custom Phone" devices (Android 7.0) I'm using openssl for install the...

How long does Audit Take

Hi, I just signed up for the trial license,and tried running the default scans for crawling and audit. But somehow there estimated time to complete the audit, indicates more then 10 days. Is there something wrong? or its...

Certificate not working on mobile device

Dear Team, I recently purchased burp suite pro, i was using community version and it was working fine at mobile device . i followed the same step to config burp at mobile device by portswigger/burp guide. but when i try...

HOW TO CHANGE NAME

respected authorites, sir, i wanted to changemy name in portswigger account...please help me to change it. respectfully VEDAVYASAN

Burp Enteprise - Crawling/SurfaceDetector

Good morning, We wanted to ask about the correct procedure for implement an endpoint crawling on Burp Enterprise. Actually we can start the scan on a basic url, but even configuring the Most Complete Crawling configuration,...

Scan GraphQL and Issues

I am attempting to get Issues from each Scan in Burp via Python but am running into errors: query2 = """{query: scan(id : $id){ id, } }""" variables = {"id": "201"} r2 =...

Change Email Address to another Person

I want to change the email address to another person

GraphQL

I am attempting to retrieve a list of scans via the GraphQL and Python. No matter what query I send, I get the same generic error: {"errors":[{"message":"Unexpected exception occurred. Check logs for more...

Lab: Exploiting HTTP request smuggling to capture other users' requests.Not getting response

Hi Community, I have been sitting with this lab since yesterday, however I am not be able to get the Victim user to post anything back to the comment. At the end I went through all video I can find on youtube and...

Suite Scope

Under the Url Scope of the New Live Task Dialog, what exactly does Suite Scope mean?

Scanning application - Angular 11 (frontend) and Spring Boot (backend)

Can you help me explain if Burp Suite can scan applications based on Angular 11 (frontend) and Spring Boot (backend) technologies? Can it be done by free version or commercial version?

Lab: Username enumeration via different responses

hello everyone the problem is that in this lab( i am still a noob) but I think there is a problem with the password list of this lab. I found the username but the all passwords are showing 200

Why burp suite has not worked with the lasted version of LDPlayer?

Hi, I have installed and tried both version of LDPlayer 3.117 and 4.0.56 with the same config to track the post and get requests from apps. Problems is when I tried version 4.0.56 nothing happened in the tab Target > tab...

X-Forwarded Headers

How do you know whether or not X-Forwarded headers are supported?

Error

./burpsuite_community_linux_v2021_2.sh After this command shows error ./burpsuite_community_linux_v2021_2.sh: 598: /root/Desktop/burpsuite1/burpsuite_community_linux_v2021_2.sh.16539.dir/jre/bin/java: Exec format...

Burp Enterprise Edition Scan Error

Hey, I have got a trial version of Burpsuite Enterprise edition to do a POC for a purchase. I was trying to run scans but it takes some long time to repond. More than 40 mins it keeps on scanning without any response

Problem generating a CSRF PoC

I understand how basic CSRF works and i have reported some csrf issue to some bug bounty programs in the past, but i have encountered this issue that i don't know what to do. I get this little message when trying to...

Nokia 2.1

Hi I have Nokia 2.1 device with Android 10 version, My problem is that its apps don't work att all with Burp proxy. Kindly note that I tried more and more to change certificate and proxy settings,but no way. Please...