How do I? - Page 211 - Burp Suite User Forum

How do i Automate task to pickup the Server side certificate

Couple of Requests I am new to the Burp suite pro, In our company we are using Burp suite 2020.5 version (recently upgraded from 1.17). Our requirement is to automate the certificate authentication through the burpsuite,...

TLS connection issues

All of a sudden I am getting TLS connection issues after using Burp for years without issue. What has changed and how do I fix it?

API based Crawling and Scanning getting struck at 98%

Hi, I have initiated the burp suite API in Headless mode "java -Xmx4G -Djava.awt.headless=true -jar burpsuite_pro_v2020.4.jar" and refereed the project file and initiated the scan, after 95% progress of Crawl and Scan,...

Is there a way to change Burps connection keep-alive behavior?

Is there a way to force burp to yield http connection control to the browser? Or just NOT close connections automatically? I read here:...

I installed burp enterprise. but i get an error. java also installed

Unable to load site tree: Error: Network error: JSON.parse Error: Invalid character at position:1

Application logins olarak tarama başlatma

Kolay gelsin; Herhangi bir x sayfasında Application logins olarak tarama başlatamamaktayız. Application logins olmak istediğimizde boş bir yere tıkladığımızda yazmış olduğumuz kullanıcı adı şifre kaybolmaktadır...

How do I Import Binary Search Code into BurpSuite? The Elegant Solution(Binary Search) of -> Lab: Blind SQL injection with conditional responses

https://portswigger.net/web-security/sql-injection/blind/lab-conditional-responses There is a note on this lab about a more elegant solution, which is to perform binary search on the character space. I did this manually(...

Timeout in transmission from host

I am auditing specific pages of an application.I am getting error "Timeout in transmission from *.com". I am able to access the application via browser and also through BURP proxy. Please let me know how to resolve this...

error: failed to connect - trying to intercept requests

I am doing a simple test, where I build a small MEAN stack app. I run the node.js with localhost:3000 and angular frontend with localhost:4200 I left the proxy in burp with default localhost:8080. When I run the app...

Lab: Web cache poisoning with an unkeyed header -> X-Cache trouble

Dear Support Center The web cache poisoning lab has stopped hitting X-Cache since yesterday. It was hitting in this lab until last week, but now it's not hitting.

burpsuite not intercepting website dhiraagu.com.mv

hi, for some reason when i turn on burp. the site responds back with [burp proxy] No response received from remote server. It seems to work fine for every other website. Thanks, Ismail

Get to xss cheat sheet, lab2 XSS project?

Think I have certificate set up correctly I am working on this lab from XSS, it's the second lab: In Burp Intruder, in the Positions tab, click "Clear §". In the request template, replace the value of the search...

Blind SSRF with Shellshock exploitation

hey, so i launched intruder attack as mentioned in the solution but i am not getting any DNS request in collaborator

payload set

I am using burp community edition and i am trying to select second payload set in intruder > payloads > payload sets > payload set: but that isn't working no 2nd payload set to select

KONFİGÜRASYON YEDEKLEMELERİ

Kolay gelsin, Mevcut sistemlerin belirli bir plan dahilinde düzenli olarak konfigürasyon yedeklerini almayı planlıyoruz. Bu kapsamda; olası bir arıza durumunda, yeniden tertip edilecek boş sunuculara en kısa sürede...

Issue with Professional edition free trial

Hi, Yesterday I tried the free trial of Enterprise edition of Burpsuite, but my company has License for Professional edition, so tried the Professional edition free trial, I have not received any email, I tried several...

Database transfer error

Hi, I am trying to tranfer database from embedded to external MSSQL. I followed the steps mentioned here - https://portswigger.net/burp/documentation/enterprise/getting-started/setup-ext-db I was able to create the...

Insert Jenkins parameters / variables in Burp API POST - JSON scan definition

I'm using "Burp plugin for Jenkins" to initiate Burp scan from Jenkins. In Jenkins, I have parameters like scan URLs, application name, scan configurations etc. How can I use or insert these parameters in "Scan definition...

Graphql

Hello, I am creating scans through si API and a have the following error : "Variable 'email_recipients' has an invalid value. Expected type 'Map' but was 'String'. Variables for input objects must be an instance of type...

Does Burp Suite Enterprise look for source code, such as PHP that might be found in website text files?

This would include files on the website like .doc, or *.pdf, or *.docx, or other documents that might be included on a website.