Burp Suite User Forum

Create new post

Pen Testing Point Of Sales Application

Hi Team, We are attempting to intercept the traffic in order to conduct penetration testing on POS applications such as Oracle Xstore and Samba POS. However, we are currently unable to capture the traffic. Could you...

Last updated: Jan 12, 2024 10:32AM UTC | 2 Agent replies | 2 Community replies | How do I?

Stop current webpage from appearing in HTTP History

Greetings. So I have a tendency to listen to music while working, and I do it using Soundcloud. But using it on my browser really messes up my HTTP History with unnecessary traffic shown. Sure I can open it in incognito...

Last updated: Jan 12, 2024 09:26AM UTC | 1 Agent replies | 1 Community replies | How do I?

Access to Labs

Hi, I can't Access the labs in portswigger. It takes me to a blog even I click the button and it won't load the lab. Please help.

Last updated: Jan 12, 2024 08:29AM UTC | 2 Agent replies | 3 Community replies | How do I?

BCheck Question

Hi, I am trying to write a bcheck that will simply repeat the request but only if the request contains a specific parameter, for example, if the request contains a parameter named "repeat" then I would need to repeat this...

Last updated: Jan 11, 2024 05:57PM UTC | 1 Agent replies | 2 Community replies | How do I?

Zscaler proxy

Hi, We have Zscaler proxy, I need support to understand how we can configure zscaler proxy settings in burp suite professional v2023.2.3. burp suite is not able to connect with internet.

Last updated: Jan 11, 2024 05:40PM UTC | 2 Agent replies | 1 Community replies | How do I?

Zscaler block issue

We have Zscaler proxy which is not allowing to send parameter change request though burpsuite on testing website and getting error 403 Forbidden (request blocked by zscaler). Is there any way i can send request from...

Last updated: Jan 11, 2024 04:22PM UTC | 1 Agent replies | 0 Community replies | How do I?

New Scan

Hello. Whenever I use Live Scan everything works perfectly. However, when I use New Scan, Burp Suite works for a few seconds and then populates the site map with a handful of urls. What am I doing wrong?

Last updated: Jan 11, 2024 01:58PM UTC | 2 Agent replies | 1 Community replies | How do I?

Help required for exporting certificate

Hi there, When I export cacert.cer from Burpsuite Pro, it shows Cloudflare, please advise. I thought it is supposed to be from portswigger. 0�0��Z؁{*�H��jɘ��6I' E0 0��1 0 UUS10U San Francisco10U Cloudflare,...

Last updated: Jan 11, 2024 11:40AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Scan Finding Severity

Hello, I'm a bit confused regarding the severity of findings via Burp Scanner. Recently I ran a Scan on one of my domains and was able to find a bunch of findings however, most of them were of severity "information" as per...

Last updated: Jan 11, 2024 11:21AM UTC | 2 Agent replies | 1 Community replies | How do I?

How to change User-Agent send by Burp itself when connect via upstream proxy

When set upstream proxy server, burp will send the following request. (Not send by browser) Version 2020.9.2 ---begin--- CONNECT portswigger.net:443 HTTP/1.1 Host: portswigger.net:443 User-Agent: Mozilla/5.0...

Last updated: Jan 10, 2024 03:46PM UTC | 3 Agent replies | 2 Community replies | How do I?

Application Scan Version Number in Sites

When creating a site in Burp Enterprise, is there a way to next subsequent versions of that application under the same site, but with the version number differentiating the scans?

Last updated: Jan 10, 2024 01:40PM UTC | 1 Agent replies | 0 Community replies | How do I?

Reset Progress

Hi, could you please reset my progress, learning and labs, please. Thanks David

Last updated: Jan 10, 2024 01:37PM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Pro Log Files

Hello, I would like to know where exactly in Ubuntu can I find the logs for Burp Pro, what Im looking for is the requests and responses made during Burp Scan. I would like to know and retrieve if the Authentication was...

Last updated: Jan 10, 2024 12:08PM UTC | 1 Agent replies | 0 Community replies | How do I?

failed to create burp project: cannot parse null string.

os : windows version: burp suite community edition v2023.9.4 error : an error occurred when starting a project with the selected options failed to create burp project: cannot parse null string. i don't have any...

Last updated: Jan 10, 2024 06:45AM UTC | 5 Agent replies | 10 Community replies | How do I?

Uploading Video Community solutions

Hey team, I wanted to know how can someone upload a video solution for a lab?

Last updated: Jan 09, 2024 03:34PM UTC | 1 Agent replies | 0 Community replies | How do I?

Blind OS command injection Problem!

Hello, currently burpsuite scanner found a vulnerability on the website with the following characteristics Issue: OS command injection Severity: High Confidence: Certain Issue detail The login parameter appears to...

Last updated: Jan 09, 2024 10:59AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Academy Lab says secret is not correct?

Hello For the "Web shell upload via Content-Type restriction bypass" Lab I have uploaded a web shell and can read the secret file in /home/carlos but when I submit it with the solution button it says it is not correct....

Last updated: Jan 09, 2024 09:03AM UTC | 1 Agent replies | 0 Community replies | How do I?

Web cache poisoning with multiple headers - How Do I Actually find these 2 headers to inject my arbitrary values?

I know from the hint the i need to use X-Forwarded-Host and X-Forwarded-Scheme headers but when i used Paraminer extension in Burp it only found x-Forwarded-Scheme header. I used default options : Extensions -> Param Miner...

Last updated: Jan 08, 2024 04:12PM UTC | 4 Agent replies | 3 Community replies | How do I?

Unable to get POST request through burp suite

I'm trying to get the request body for my POST request through burpsuite but i keep getting this GET /canonical.html HTTP/1.1 Host: detectportal.firefox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0)...

Last updated: Jan 08, 2024 04:00PM UTC | 1 Agent replies | 0 Community replies | How do I?

Keep getting ajax instead of the actual request

I keep getting GET /ajax/libs/noty/3.1.4/noty.css.map HTTP/2 Host: cdnjs.cloudflare.com Sec-Ch-Ua: "Not_A Brand";v="8", "Chromium";v="120" Sec-Ch-Ua-Mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)...

Last updated: Jan 08, 2024 03:48PM UTC | 1 Agent replies | 0 Community replies | How do I?

Page 2 of 304

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image