How do I? - Page 2 - Burp Suite User Forum

Resource not Found Academy Exploit

When I try this academy https://portswigger.net/web-security/cors/lab-basic-origin-reflection-attack, I have facing problem /log?key=%22Resource%20not%20found%20-%20Academy%20Exploit%20Server%22 when view access log after...

No More activations allowed for this license

Dear Team, I am unable to active burp license as it's shows no ore activation allowed. Can you please clear all the license.

labs has this massage not working

Please note that the victim uses Google Chrome. When you test your exploit against yourself, we recommend using Burp's Browser or Chrome.

JS Gadget

Hi ! I am having a hard time with the term Gadget. I don't understand what a gadget is, what it does. The more I see the term being used in the course, the more confuse I become. The definition provided in the course...

How to stop discovering content or running a miner?

Hi, I use the Discovery Content feature in Burp Pro. I also use extensions like Param Miner. However, I am unable to find a way to stop any gracefully. For extensions, I can unload them from the Extensions tab. It's not...

Lab 2: Manipulating the WebSocket handshake to exploit vulnerabilities

Hi All, I cannot seem to get past the point where my IP is banned. I have tried added the X-Forwarded-For in Repeater but it does not make a difference. I know I am missing something but cannot work it out. The video in...

How do I Solve "Lab: Blind SQL injection with out-of-band interaction" without the Burp Collaborator pro version!?

How do I Solve "Lab: Blind SQL injection with out-of-band interaction" without the Burp Collaborator pro version!? please HELP! :(

Lab: SameSite Lax bypass via method override

When I click on "View Exploit" it changes my email. After that I change the email and click on deliver exploit to victim but it doesn't solve my lab. <http> <body> <form method="GET"...

LABS HTTP REQUEST SMUGGLING

Hello! there are many Practicioner and Expert HTTP Request Smuggling Labs that even u try with the solution steps, you can´t bypass de lab, i look for many solutions on internet but i Still not complete the exercise, how...

no resopnd login button/ recaptcah issue

Kindly provide urgent support on the burp suite browser issue. After we click on the login button in some web apps, it seems like the mouse click is ignored in the Burp Suite browser. Perhaps something has blocked us, like...

Initiating API scans using Burp Pro REST APIs

Can anyone help me on how to initiate API scans using Burp Pro REST APIs. Should we pass the API documentation path/location in the URL parameter? When I pass the URL of API documentation in URL field, a scan is triggered...

how to submit complete lab burp suite

Hi I have try hand on lab. how to submit complete lab burp suite. I/ve complate one lab but i can see status complete

activate my professional license.

I have burpsuite pro single user license and I remove burp license key from my current machine and tried to activate on another machine but it telling license key is expired. Please resolve my issue My license key purchase...

Reset all portswigger labs and learning paths

Hello, Portswigger Team Could you reset my labs? Thank you for taking the time.

Lab of Reflected XSS not solving

solving the lab of "Lab: Reflected XSS into a JavaScript string with angle brackets and double quotes HTML-encoded and single quotes escaped"...

Scan App with a remember my browser login option

The application I'm attempting to scan has two options for authentication: 1. Remember my browser (after mfa code has been sent via email) 2. MFA everytime you login My scans are not able to make it past this step to...

Your JRE appears to be version 17.0.12-ea from Debian - error

hi every time i'm geting this massage error... was looking for a sulotion for an hour now and still can't find the solution the message is: Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on...

reset all my labs and progress.

hi. could you reset all my labs and progress.I confirm. Thanks

Asymmetric encryption of payload

Hi there, I would like to ask about the situation where the client server and the server have their own set of public and private keys for key exchanges. So, what happens is the both the request and the response will be...

Lab: Offline password cracking

Hi All im Trying To Solve This Lab : Lab: Offline password cracking i know that i need to use xss vulnrability to steal carlos cookie but when i put a script it only reflect and show My cookie what i should do to...