How do I? - Page 181 - Burp Suite User Forum

Burp shows super tiny window&letters

Hi, When opening Burp on my Dell 5510 it won't maximize and it shows tiny window&letters. What settings should I change to see Burp at normal size and not in miniature. Also, I am not able to install any new updates as...

Get Burp Community on Kali Linux Oracle V-box

I have tried to run the jar file using java -jar, but kali says: "warning an illegal reflective access operation has occurred. illegal reflective access by burp.gxr (file:/home/kali/...) to field...

Lab: Exploiting HTTP request smuggling to capture other users' requests

I keep getting the same session cookie from the leak after refreshing the comment tab.. This is the request i used below ..Pls kindly reset the lab POST / HTTP/1.1 Host:...

REST API Functionality

Hi , I have been using the Burp Suite Enterprise Edition REST API. We have an idea to automate the scan using Jenkins Pipeline. Is there any API or possible way of accruing the SCAN ID by passing the projectname or...

How can I be sure about "External service interaction (DNS)" issue

Hello, After a scan, burp triggered a High issue : External service interaction (DNS). I tried to repeat manually the issue using Burp Collaborator but collaborator didn't intercept anything. Having a closer look at...

Comparing Scan Responses

Is there a native feature or add-on which will compare the same request payload against two different scans? I know the comparer will do this but it's too granular and I am looking for a way to do this for a large number of...

Setup Private Collaborator

I've been working on this for more days then I'd like to admit. Think I'm just about done but I can't get past this.. It's not able to bind on port 53/TCP Also I don't know where to see details of what the issue is.....

Finding solutions using Burp Suite

I'm currently attempting a lab in the "Authentication vulnerabilities" topic, and I am finding the knowledge we are expected to have on using burp suite is beyond the level someone is at if they follow the topic...

External proxy configuration failed

Hello I have a problem, I am trying to do a pentest to a web app that only allows me to connect through an unauthenticated corporate proxy. I set the upstream proxy to burp, but I still can't navigate when traffic is...

Session Token in URL

This vulnerability was generated by a response from and an F5. I am getting these quite often as more of the customers are using this technology. We have talked to their development team, and the Burp scanner is creating the...

Enterprise edition and SPA pages

I have been seeing posts with Burp having issues with SPA pages. We use .net and angularjs for the SPA, will Burp handle this? So far on my trial it has been unsuccessful and some what disappointed. Are there methods of...

Authentication via a separate URL

Hi all. Currently using Burp Suite Enterprise. I'd like to scan an application which has a separate authentication portal. You go to Domain A, which forwards you to Domain B to login. If successful it authenticates...

CREATE SCAN CONFIGURATION

How can I create a scan configuration for Burp Suite Enterprise to be able to check for OWASP Top 10 Vulnerabilities?

Enterprise TLS Certificate untrusted

I have followed several other posts about importing trusted certs into a certificate store. I have "successfully" imported a certificate but the TLS Certificate untrusted finding continues to flag. How can I get this...

Change the Name Burp Suite User

i, i need to change the name (cao hung anh) to "Trinh Bao Long". Thanks. Have a nice day

Burpsuite Certificate

I followed all the method to configure proxy in my iOS device. But it seems whenever i set my proxy - 1. I'm not able to get the certificate while navigating http://burp or http://burpsuite 2. If I installed manually I'm...

It is not possible to download Certificate CA to Firefox or another browser

It is not possible to download Certificate CA to Firefox or another browser. The page indicates an error

make it work with burpsuite

I got an External Service Interation on a scoped domain via Host Header. Now I am inserting my collaborator's URL into the host header, I am not getting any pingback/response. But it works with cURL with the following...

Modify response message after it shows in the Proxy Panel, before it arrive browser

Hey: I'm building a Extensition that should be able to modify the response message after the message has been shown in the Proxy tool，and before the message arrive browser。 I've thought about IProxyListener, but...

asked removing the user license

I have 2 licenses in Burp, how can I get rid of that 1 license?