How do I? - Page 219 - Burp Suite User Forum

always error Error Proxy [25] The client failed to negotiate a TLS connection with my iPhone

Hi, I've followed all steps to install CA in my iphone and configure proxy in burp suite. But I can't browse in any website. Always says me: Error Proxy [25] The client failed to negotiate a TLS connection to xxxxx.com...

Lab: SQL injection attack, listing the database contents on non-Oracle databases

I don’t seem to find the login details to complete the lab. Using ‘UNION SELECT COLUMN_NAME,NULL FROM Information_schema.columns WHERE TABLE_NAME =‘pg_user’— gave columns which were usename and passwd with other ones. So,...

Activation of burpsuite to another device

I am facing issue to install burpsuite to another system. It throws "No More Activation allowed for this license". Please look into this issue and allow me to activate it. Please do the needful as soon as possible.

silent installation of Burp Enterprise edition

Team, Is it possible to perform silent installation of the Burp suite Enterprise edition with automating the input of the parameters like directory for logs, directory for components, adding Users and grabbing API key...

Websites not scanning in latest version of Burpsuit(Community 2020.9)

I am accessing websites via embedded browser of BurpSuite Community edition but websites are not accessible and don't show up. Whatever website i try to access, it remains in process with white blank page and no requests...

Burp Licence

I downloaded burp installer but after launching it on my machines it prompted to enter licence key. Do you have trial version? Best Regards

can get an invocie

you deducting amount from credit Card and i need to have an tax invoice for our records.

Lab: Reflected DOM XSS

From searchResults.js we know, searchResultsObj { var searchTerm = searchResultsObj.searchTerm var searchResults = searchResultsObj.results } var searchResult = searchResults[i] {"searchTerm":"\ ...

How do I repeat the test of external DNS triggering?

Hi, I received a notice about External service interaction (DNS) (https://portswigger.net/kb/issues/00300200_external-service-interaction-dns) while running Active Scan. I would like to test this alert again, how can I do...

Modify Burp Plugin settings in Burp Enterprise

The problem I'm having is that the SQL Injection detection methodology tries to send 2 different requests to the same endpoint with a slightly modified GET parameter; assuming that the response from both request should be...

How can I parse a filename include double quote at upload request ?

There's a filename parameters at uplaod request: --------boundary Content-Disposition: form-data; name="img_file"; filename="PROBLEM" Content-Type: application/octet-stream file_content --------boundary-- How can...

Regarding Rest API working

Hello team, We need help related to enterprise edition setup on Linux server. Please send us the REST API's that are available for use and also we are trying to setup scan scheduling and adding sites using REST API .

Username enumeration via account lock guidance

I have tried to solve this lab. I have created attack in intruder with a counter that I go through each username 5 times with bad password. I don't see any difference in the length of the return. I also have done a grep and...

HTTP Header Response Plugin

Hi there, I am looking for specific plugins that generate: CSP Policy: *, unsafe-inline and unsafe-eval X-XSS-Protection X-Content-Type Referral Policy Cache-Control header Xframe options I understand the last...

Burp Repeater to show vertically instead of horizontally

Hi there, Is it possible for the burp repeater to display vertically instead of horizontally? I need to capture in report which is taking too much space. 2ndly, can the GET POST request shows GET http://example.com full...

Configuring Burp Enterprise to CI/CD

Currently working on PoC of Burp Enterprise Edition. CI/CD tool is Jenkins. During the process got below queries. 1) Can Burp Enterprise only be integrated to a pipeline? Not to a individual Jenkins job? 2) Can Burp...

Please help me

Can you share me that which language portswigger use for building all labs on here, please ?

Transfering License

Hello Burp Support team, We would like to transfer a valid license to a new user? How to proceed? Could you please do this for us? Thanks and kind regards.

Lab - Exploiting Java deserialization with Apache Commons

Hi I'm just wondering, without being told, are we able to tell that Apache Commons Collections library is in use, and how? Thank you.

Basic setup w/ Firefox hangs without error indefinitely

I've got the standard setup with Firefox. I'm using the default proxy settings, grabbed the CA cert and installed it in Firefox's certificates, and set the browser to proxy all traffic to 127.0.0.1:8080, matching the active...