How do I? - Page 2 - Burp Suite User Forum

Brupsuite prompting to enter License Key while running through cmd line with use .jar

I have a licensed Burpsuite Professional, and it's running fine if I use it through the .exe shortcut. But when I'm running it through the cmd line using its .jar, it prompts me to enter the license key. I'm entering the...

Make Burp Pro crawl actually discover anything from an SPA app using OIDC?

We are struggling with the Burp Enterprise trial actually discovering anything useful about our web app, and as the Enterprise version seems to offer barely any logs, I went for the Burp Pro trial, to see what's...

Export scan results in Burp Enterprise

Is it possible to export the scan results of a Burp Enterprise scan e.g. as HTML or PDF? If yes how can I do that?

migrate the burp database and configurations

Hi! My BurpSuite Pro license is about to expire and I renewed it recently. I'm planning to install the new license in a new VM. Can you tell me how can I move my old projects from the old installation to the new one?...

TLS Error: Insufficient buffer remaining for AEAD cipher fragment

I'm getting the error, "The client failed to negotiate a TLS connection to x.x.x.x:8080: Insufficient buffer remaining for AEAD cipher fragment (2). Needs to be more than tag size (16) It's said to be an OpenJava bug...

Post Reflected XSS

Hi, I'm able to modify a parameter in POST request (Using Burp Suite Repeater) and gets the alert in the browser when I "show response in browser". That means there is an issue with the input validation. When I tried to...

Samsung Galaxy S10 Mobile

Dear Team, Iam unable to intercept the request in the burp tool using Samsung Galaxy S10 mobile with Version 9. but i can intercept the request with other mobiles. My question is: Can we intercept the request with Galaxy...

Regarding to Proxy setting

Dear sir, I want to know how start Brup suite tool after porxy setting is done as 127.0.0.1 and port 8080. When I try to intercept on web-browser shows error and pop-up an error connection is not private. I have tried and...

Corrupt Files

I bought the Pro edition mainly for the crawl and audit feature with monthly scans, however I am working with the scans for this month and every time I open the file it is corrupted and has to be repaired. It's very...

Upgrading to 2021.6

I am looking at upgrading to 2021.6. Was curious if this is just an upgrade or does it cause a new for a complete install? Thanks

Enterprise edition Burpsuit deployment issue in AWS environment

Hi Team, We are trying to deploy the enterprise edition burpsuite version in our AWS environment.However, we are unable to deploy it since the existing cloudformation template is not able to create the load...

Intruder Cluster Bomb Iteration Order

So with Cluster Bomb, we can generate various permutations of multiple wordlists across different parameters. But is there a way to choose the order of iteration? For example, let's say that I have the following for...

Send multiple requests at once to intuder to process one by one request

Hi Team, I have intercepted 4 important requests in the burp like, login, profile edit, forgot password, register page. Now I have 100 payloads to run for each parameter in all the four requests automatically instead...

Issue with Burpsuite license in VM

We have a VM in which I entered using my credentials and installed the burpsuite Pro license. But when my team logins with their credentials, the burpsuite is asking for the license activation again. Need your help in...

How do I use Burpsuite to scan the requests created during execution of TestCafe scripts

We are using TestCafe as our Automation testing tool and running its scripts to get security threats of web application. Since TestCafe use local IP address, port and session ID in the URL before actual application URL,...

error running web scan

Hello! I get an error when launching a web scan! error from the log 2021-07-26 10:15:27 [e] INFO - Exception report: 2021-07-26 10:15:27 [e] INFO - Category: COMMON_RUNTIME_FAILURE 2021-07-26 10:15:27 [e] INFO - ...

Cannot start embedded browser

Hello, I have really been enjoying Burp. However, since the last few updates, I cannot render responses. I run the emmbeded browser healthcheck and get this error: Unable to start browser: DevTools listening on...

Kali linux Raspberry pi Burp install error

I looked around the forums and I have not seen a fix yet, maybe I missed it. From what I did find, is that you need to be on 64 bit. Raspberry pi 4 specs: Broadcom BCM2711, Quad core Cortex-A72 (ARM v8) 64-bit SoC 8GB...

[SPOILER] "Lab: SSRF with whitelist-based input filter" explanation?

Hi! I do not understand why the payload "http://localhost%2523@stock.weliketoshop.net/admin/delete?username=carlos" works in this lab. I think I understand this part: The filter only URL decodes a single time, which...

make burp intruder follow redirects (302) ?

I know that it is possible to make repeater follow redirects. But is it possible to make intruder follow redirects?