How do I? - Page 221 - Burp Suite User Forum

Web cache poisoning with an unkeyed header

Hi there. Sorry to bother. I have tried to finish the Lab "Web cache poisoning with an unkeyed header" but couldn't do it. First, after added the X-Forwarded-Host in Repeater of Burp then, I cannot receive any response...

test

test a thing

Can I change the domain name or IP address in stored state?

Hello? I would like to scan actively in domain name B using stored burp state when I scanned passively with domain name A. B would run the same service that A have run. Is this possible? If then, could you let me...

Crawl and audit SPA application

Hello, I understood from the release plan that future releases will include upgraded scan features. I have in mind a case where today I cannot use Burp to do a vulnerability assessment scan and am curious if I'm missing...

Web App Hacker's Handbook (WAHH): Question about Chapter 5

Hi, I have a question about Chapter 5 of WAHH. On page 130, where it is talking about "Script Based Validation", it says instead of disabling JavaScript, we can intercept the validated submission from the browser to...

Query live tasks in real time

Is there a way to query burp to get live scan results? For example, I can direct the output of "param miner" to a file, however it doesn't mention the path. I need always to go to Issues > report issues > export to a file...

Tests for noSQL injections

I can easily test for a couple of nosql injections using repeater but is there a burpsuite extension or automated way of testing a large variety of test cases (like sql injection)?

Help Burp Suite Pro Scan correctly.

Currently, to scan my site correctly I am having to manually click through the main menu to get burp to load the site into the target. Is there a way to help burp with this so that I can use the automated scanner? Perhaps...

Hint how to fix "Embaded browser initialisation failed" or "unable to render rensponse" on Kali Linux VM

Hi all, As many of you I have experienced a problem with internal browser rendering on latest Burp v2020.8 when running on Kali VM (in my case on VM Fusion). I have found a workaround works for me and probably should work...

Software download

Hi , I purchased the license key file for Burp Suite Professional through my organisation. But when I try to download Burp Pro Software alone from website, it asks for credentials to download. Please help me with...

Chanage licence to other OS

Hi, I have my burp suite pro installed in my centOS, I want to move it to kali linux. Please help on this. Thanks, Shoeb

Burp Enterprise - CI/CD Configuration

Hi, recently started a PoC on Burp Enterprise edition. On initial look at the documentation in the link below: https://portswigger.net/burp/documentation/enterprise/administration-tasks/integrating-ci Need a little...

UNABLE TO ACCESS LAB

I have accidentally deleted the account of wiener with peter as a password. Could you help me out to recover the account and access the lab?

Unable to run Burp Suite with Bamboo CI pipeline for professional version with API

I have created a powershell script which runs burp suite pro with API calls which I am able to run on the server locally. but same when I am trying to run using Bamboo CI pipeline it is not working... getting below logs. How...

Where are the rest of the 'Apprentince' level labs?

I've completed 35 of the 40 Apprentice level labs. I can not find the last 5. I went to the 'All Labs' list and clicked through each one. Am I missing something?

Can't replicate "External service interaction (DNS)" detected by audit/active scan: different server response

Hello, While testing a website with an active scan, the audit found a DNS external service interaction with a simple GET request: GET / HTTP/1.1 Host:...

install Burp Community Edition from the JAR file

Hello, I use 32 bit version of Kali Linux and I am trying to install Burp Community edition. I encounter problems with JRE version I switched the Java 8 as it complained about Java 11 but now it is not instantiating...

Cannot Access Web Academy

It seems there are something wrong with Web Academy. NOT Found for the URL => https://portswigger.net/web-security

Not able to access Web Security Academy

Dear Team, After login into the account I am not able to access the Web-Security Academy, find below the message that is displayed. The requested item was not found. We apologize for the inconvenience

Showing Error

After login into the account I am not able to access the Web-Security Academy Showing: The requested item was not found. We apologize for the inconvenience Please Fix It,Thank You