How do I? - Page 23 - Burp Suite User Forum

Burp Professional License Reset

I had to replace my laptop and am trying to reinstall Burp Pro on the new system. When I enter the license key, I receive a message telling my that activation failed - no more activations allowed for this license. I have it...

Blind SQL injection with out-of-band interaction without Burp PRO

Hello, is it possible to complete this lab without burp pro so without calling the burp collaborator server address?

Clickjacking with form input data prefilled from a URL parameter

I'm following the solution exactly, but when i view the exploit from the exploit server, the iFramed page is unauthenticated. It's not taking me directly to the change email page like I'm seeing for others in community...

About OPTIONS data packet problem

I want to automatically clear the packets whose Method is OPTIONS in the Proxy --> HTTP history module. Such packets are useless and affect manual analysis.

Repeater - Pull Inspector-Surface wider

Can you please increase the gripping surface of the inspector on the repeater? It is sometimes really tedious to pull the inspector wider. Or do I have the possibility to do this myself?

Urgent: Assistance Needed with Activation Keys for BurpSuite Licenses

My company recently purchased 5 BurpSuite Professional licenses for our web penetration testers via international transfer. I have sent emails to hello@portswigger.net, licensing@portswigger.net, and support@portswigger.net,...

Burp Suite Pro - signed auto updates

I understand that checksums are provided for manual downloads. Are automatic downloads digitally signed and how does Burp Suite Pro verify the signature?

The website experiences a decrease in loading speed

Hi dear portswigger team, I had problems opening the portswigger.net site. I tried to access the site and I was frustrated and also disappointed because the website took too long to load and damaged the appearance of the...

Excel Macro & Burp

Hello, I would like to ask if it is possible to intercept requests made from Excel using Burp? I use Windows 11, and I have tried to set the proxy in: Control Panel > Internet Options > Connections > LAN...

Not receiving CSRF token to my Collab link

Hi guys, I'm trying to solve the WSA Lab "Lab: Reflected XSS protected by very strict CSP, with dangling markup attack", and after many attempts I'm realizing that the Lab is not configured to visit *.oastify.com domains....

DOM XSS in jQuery selector sink using a hashchange event

Hi, does anyone understand how the payload works for this? <iframe src="https://YOUR-LAB-ID.web-security-academy.net/#" onload="this.src+='<img src=x onerror=print()>'"></iframe> Why do we have to send to the exploit...

Out of scope logging in Logger

Why does Burp Suite no longer send out-of-scope requests to the Logger when using scope? I have "Proxy history logging" set to "Do nothing" and "Don't send items to Proxy history or live tasks, if out of scope" enabled....

Lab: CSRF where token is duplicated in cookie

"I am currently trying to do the CSRF lab where the token is duplicated in a cookie. However, I keep encountering this error: This is your server. You can use the form below to save an exploit and send it to the victim:...

Enable MFA for my PortSwigger web portal account management login?

Is there an option to enable MFA for the Admin portal?

Reset labs

Hi How do I reset labs I have already solved in PortSwigger. I would like to do the labs again. Is there a reset button. Thanks Ese

JWT authentication bypass via algorithm confusion

Hi! I was working on the lab JWT authentication bypass via algorithm confusion and i did everything in the solution and also I've watched couple of youtube solution and trace exactly the same steps but it is not working for...

multiple request headers in burpsuite community edition v2023.7.2

Whenever i try to use the burpsuite the request is including multiple headers with values, causing duplicate headers error. sample request: GET /web-security/mystery-lab-challenge HTTP/2 Host:...

Send Repeater requests to sitemap

Hi Is it possible to automatically send requests made with the Repeater to the general history? (so they get added to the sitemap) Cheers Manu

start journey

how do I select the appropriate material to start learning? as I consider myself a fresh to this topics

Reached Activation Limit -- I use Burp Pro for one-off VM tasks and destroy the VM when done. please help!

Hi. This morning, when starting a fairly critical task, I realized that I could no longer activate burp pro. Due to the nature of the work I am doing, this gets installed on a VM and the VM is destroyed at the end of the...