How do I? - Page 188 - Burp Suite User Forum

Lab: CSRF where token is tied to non-session cookie

In this lab, the first step is to set the csrfkey cookie in a victim's browser. The solution is using a img tag in your exploit page to send a request to set the csrfkey cookie. I tried to send a XMLHttpRequest to do...

Create a new Issue Type to be checked by the scanner

Hi, I would like to create a new issue type for the scanner to run. It isn't a specific issue on a host what I want. Instead, I would like to check a regex when I'm running a scan against an host. Is this possible?...

Automatically starting a preconfigured scan

For extension development purposes, I'd like to easily and automatically start a 'crawl and audit' preconfigured scan with one mouse click. Under 'preconfigured' I include all the options in the scan launcher, including the...

Start an active scan with insertion points via the REST API

Hi, Is there a way to start an active scan with payload offsets (like we do using the Intruder's scan defined insertion points GUI context menu) via the REST API i.e. submitting a HTTP request with insertion points via...

Modify Burp Enterprise

is there any posibility to modify the interface of Burp Suite Enterprise to add an image or add an extra page ?

invalid username

Hello, I'm tryding to solve the lab username and password enumeration via different responses, and I did everything in the right way but I got invalid username. I did all steps in the solution but still get invalid...

License multiple people

Other than having a single renewal date what is the difference between having a single license with multiple users vs. having a single license for each user on our team?

Capture http traffic outside the browser

Hello everybody. Being that sometimes I find myself having to test applications that do not work via browser, for example as in the case of RMI, I would like to know if there is a way to capture all the network traffic...

log rotation

Where can I find file for log settings like log4j or log.properties to set the log rotation for burpsuite enterprise Server/Agent/Webserver logs.

View viewstate's data

In older version of Burp, i have observed that burp will show a tab "Viewstate" when working with application using viewstate. However the latest version of burp (i.e. v2020.11.2) does not do the same. Is there a way to view...

Vulnerabilities reported as Low

Hi Support, Some Vulnerabilities are reported as Low. But based on the description of the Vulnerabilities they should be high. Can you clarify why they are report as low and should those be reported as...

Burp Suite Enterprise - SMTP Server Requirement

For Burp Suite Enterprise, is it a requirement for installing and using Burp Suite Enterprise to have a SMTP server? Or is it only a requirement to have a SMTP server if you want Burp Suite Enterprise to be able to send...

Export xml report

How do I export an issue report in xml format in Burp Enterprise edition? I understand this feature is avialble in professional editon, but I am not able to find how to do this in the enterprise one. Thanks Chris

Need to delete this account

Hi colleagues, How can I delete this account. Our company use another account now, and this is not needed anymore. Thanks!

Burp Collaborator client --ask

hi I would like ask about this instruction.I see we revive some respond as kjsfjsdfjsdfjsd.burpcolab.net and information "received a DNS lookup" 1.But we do not see any information where is vulnerability.We see only IP...

Re usability of License key

Hi Team, Is it possible to re-use a license key in case the system gets formatted and use try to activate the burp again?

Problem

How to fix this error your jre appears to be version 11.0.7-ea from debian Burp has not fully tested on this platform and you may expitience problem

Transfer License

Hi, I could like to migrate my burp single-user license from windows machine to mac. It's showing the license has been expired, Please help me out. Thank you, Regards, Sathish

Latest Burp Suite (2020.11.3 JAR)

Hello, I have JRE version 15 installed. I got a message saying burp hasn't been fully tested on this version. Please mention the tested JRE and JDK versions.

Burp Suite Professional / Enterprise Install Question

Is there an issue with installing both the Burp Suite Professional and Burp Suite Enterprise Edition on the same Windows machine or is it recommended to install each on their own Windows instance?