How do I? - Page 2 - Burp Suite User Forum

Burp Suite CA Certificate Not Trusted

Hello, I've just downloaded Burp Suite and have configured Chrome to use Burp Suite as my proxy. However, I've tried to install the CA Certificate but whenever I load a https:// URL, I get the following...

access controll vulnerability lab

last two question in access controll lab i can't understand because it say change wiener role to admin but wiener is already admin then how can i change

Exploiting Ruby deserialization using a documented gadget chain

Hi I am unable to solve this lab. *I created the base64 encoded payload using the exploit code in this site. https://www.elttam.com/blog/ruby-deserialization/ *I copied the code, changed the required parameters and...

How do I scan an OpenAPI 3.0 API?

Hello I am trying to follow the meager information at https://portswigger.net/burp/documentation/desktop/scanning/api-scanning in order to scan a REST API (I have the API definition file on disk). I cannot even find the ...

burp hostname resolution

Hello, i use burp as a proxy in my malware lab for intercepting communication in a VM used as a proxy. I have create two proxy listeners and they redirect traffic to inetsim. https://ibb.co/5LNj5Zf My...

How to set system wide proxy settings on Ubuntu 18.04 without exporting the environment variables?

Hello, I am Ubuntu 18.04 and I would like to set system-wide proxy settings without exporting the environment variables. I don't want to use the command export http_proxy='http://127.0.0.1:8080' as it declares the...

configure scan for HSTS

want to just search for HSTS vulnerabilities on security headers on a website. what configuration do I use that will show it.

Web Cache Poisoning X-Forwarded-Host

Hi, I am attempting the "Web cache poisoning with an unkeyed header" lab. I am not receiving a response in the Repeater when I add the X-Forwarded-Host (example.com). However, I receive a response as normal with or...

SSL error for Android

Getting below error: Kindly support on priority - The client failed to negotiate a TLS connection to : Received fatal alert: certificate_unknown

No connections to the polling server at polling.[domain] could be opened. The collaborator will not work in this configuration.

I am struggling to get my private Burp collaborator working correctly, running a health check gives: An HTTP connection to the capture server at 6qxgdpy57h21gh1p4si6u6jil9rm55pntqi.[DOMAIN] could not be opened. An HTTPS...

Help with H2.CL request smuggling lab

I am attempting to solve the "H2.CL request smuggling" lab. I verified that I can trigger the JavaScript alert when I simulate a victim user myself (e.g. I visit the home page in a separate session, then send the malicious...

How can i make send get request then post request in Intruder?

Hello i Have an AB test , first i need to send Get Request then Send Post Request , how can i automate this in Intruder ?

BURP api is not working

Hi Team, I have generated api key and keeping http://127.0.0.1:1337 service running in useroption=> misc tab and i am trying to run http://127.0.0.1:1337/v0.1/ it is working fine but When i am trying to...

Install Burp Suite Enterprise inside alpine docker

Trying to install Burp Suite Enterprise inside alpine docker. Java is installed (OpenJDK-11) and it is in PATH. JAVA_HOME is set. Still, I get error that java is not found Trying to install Burp Suite Enterprise...

Anti CSRF Token

I keep spending hours on something so simple that should be part of this product... I can't bypass a simple setup like below to perform a scan. GET /comment provide anti csrf value in body let's call it...

Auto-reject client requests for sites with bad certificates

I'd like to configure Burp Suite to automatically reject requests from the client for sites with bad certificates. This seems really basic, but I haven't found a way to do this. Using badssl.com for testing, Burp Suite lets...

Extract strings matching a regexp in Burp

Hello guys, Any idea how to extract strings matching a regexp in Burp? I mean i see how to search but not how to extract. Thanks,

How does Active Scanner know the the request body to post to an api endpoint?

I ran burp suite's active scanner and in one of the requests it made to an API, the post request body was filled automatically with the needed JSON data. How does burp know what data it should post? I also used an extension...

Burp Collaborator

Any reason why Burp Collaborator would stop working? not getting the ping responses on collaborator even when i visit the link in my own browser

export to csv format

Hi! Is it possible to export the Burp vulnerability report into a csv format instead of xml/Html?