Burp Suite User Forum

Login to post

CORS vulnerability with basic origin reflection - Unable to solve

Hi Team, I tried the proposed solution but unable to get exploit working to get the API key. It returns Not Found in the logs. Can you confirm if the doc is updated one ?

Last updated: Feb 24, 2021 12:37PM UTC | 1 Agent replies | 0 Community replies | How do I?

How can i send two same request parallelly at the exact same milisecond?

I want to send two requests parallelly at the exact same time.When i use null payload in the intruder (number of threads=2, generate payloads=2, throttle=0ms) burp sends three requests.It first sends a baseline request and...

Last updated: Feb 24, 2021 11:32AM UTC | 2 Agent replies | 1 Community replies | How do I?

Burp Suite Enterprise edition - API endpoint scan

Could you please help me with performing API endpoint scan using Burp Suite Enterprise edition?

Last updated: Feb 24, 2021 09:02AM UTC | 3 Agent replies | 4 Community replies | How do I?

"Parse API definitions" not included in built-in scan configs for BSE (V2020.11)

I'm running v2020.11 for Enterprise and Burp Scanner. I cannot find the "Parse API definitions" settings under Miscellaneous section of the built-in scan config templates. Please advise next steps.

Last updated: Feb 24, 2021 08:17AM UTC | 1 Agent replies | 0 Community replies | How do I?

Get support on why Cross site forgery is showing when it is blocked

Our internal sites use Fortinet WAF to block CSRF, yet per your scan they show it. Can you please work with us to review this.

Last updated: Feb 23, 2021 05:13PM UTC | 1 Agent replies | 0 Community replies | How do I?

Activation Failed.

Hello, I get the following error when trying to activate "Burp Suite" (No more activations allowed for this license). How can I solve this? Thank you.

Last updated: Feb 23, 2021 01:19PM UTC | 1 Agent replies | 1 Community replies | How do I?

Connection Reset issue

Hi Team, i am facing connection reset issue whenever trying to connect to an internal application.

Last updated: Feb 23, 2021 12:27PM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Suit Enterprise edition installation - Getting 404 error

I have installed a burp suit on once of my company server. After installation - when I open burp suit I am getting 404 pages not found a message from the browser. Message is : {"code":1,"error":"HTTP 404 Not...

Last updated: Feb 23, 2021 11:23AM UTC | 1 Agent replies | 0 Community replies | How do I?

automatically logout and not activating

Hello sir, My burpsuite proffesional is automatically log out every time i try to use . And now its showing "No more activation" . I am the only user of this account .

Last updated: Feb 23, 2021 10:42AM UTC | 1 Agent replies | 0 Community replies | How do I?

Invalid client request received: Dropped request looping back to same Proxy listener

I have WebGoat running locally on port 9300 (so accessible via localhost:9300). When I configure a BurpSuite proxy listener to listen on port 9300, and then configure FireFox to point to a proxy also on 9300, and then I...

Last updated: Feb 23, 2021 09:57AM UTC | 1 Agent replies | 0 Community replies | How do I?

SQL injection attack, querying the database type and version on MySQL and Microsoft

I'm getting "Internal Server Error" message for every payload I use, even the ones in the solution. how is it possible to complete this lab?

Last updated: Feb 23, 2021 09:36AM UTC | 1 Agent replies | 1 Community replies | How do I?

Scan a predefined URLs list without crawling new URLs

Hello, so I have been trying to active scan an URL list. What I want to achieve is to make Burp scan every URL that I provide. The issue is, when I do an active scan on my URL list, Burp crawls every URL and I end up...

Last updated: Feb 23, 2021 09:33AM UTC | 3 Agent replies | 2 Community replies | How do I?

Request to refund for license amount

Hi Team, Kindly provide update for 1 burp license refund amount. Regards, Paladion Networks,

Last updated: Feb 23, 2021 07:57AM UTC | 1 Agent replies | 0 Community replies | How do I?

HEX view

Hello, Since the addition of the inspector panel (btw, a very cool addition), I can't find a way to view the hex representation of requests and responses in the message editor. Can I have an explanation on how to do...

Last updated: Feb 22, 2021 11:05PM UTC | 3 Agent replies | 4 Community replies | How do I?

BurpSuite Proxy Listener, Mac OS and Chrome not playing nice together

I'm trying to play with BurpSuite by attacking a local instance of WebGoat (intentionally-vulnerable web app at https://owasp.org/www-project-webgoat/) and am having some difficulty getting the proxy setup. I am on a...

Last updated: Feb 22, 2021 03:27PM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Enterprise - Scan Multi Step Login to Application

There is a challenge in scanning the typical application with multi step authentication. The actual site store-hashvalue.site.com however, to login to the site one has to authentication on login.site.com and then gets...

Last updated: Feb 22, 2021 01:52PM UTC | 7 Agent replies | 6 Community replies | How do I?

Lab: Modifying serialized data types

I have a problem with this perticular lab. I've followed the solution as well and still cannot access the admin account. I have a firefox web browser. Pasted in this in the cookies by pressing...

Last updated: Feb 22, 2021 12:37PM UTC | 7 Agent replies | 10 Community replies | How do I?

Username enumeration via account lock

Im getting session has locked out after every 400 requests(each time i tried its the same thing) so i tried to to use turbo intruder and while i am giving it a list of usernames it is printing unknown usernames and its...

Last updated: Feb 22, 2021 12:12PM UTC | 2 Agent replies | 2 Community replies | How do I?

Lab: 2FA bypass using a brute-force attack

Firstly, love all the labs you guys have, over 150 labs now, very impressive. Well done! For this lab "Lab: 2FA bypass using a brute-force attack", the solution is great, totally understand how it works etc. However,...

Last updated: Feb 22, 2021 11:57AM UTC | 6 Agent replies | 13 Community replies | How do I?

Having problems to start Burp Enterprise edition.

I have installed and set Burp Enterprise edition at 127.0.0.1:8080 however every time I visit from any browser It tells me to install certificate. I have certificate installed from Burp pro already , and again moved...

Last updated: Feb 22, 2021 10:57AM UTC | 1 Agent replies | 0 Community replies | How do I?

Page 2 of 159

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image