How do I? - Page 231 - Burp Suite User Forum

Can't able to install burpsuite_community_v2020.5.jar on my Kali linux

Linux Version : Linux kali 5.4.0-kali3-686-pae #1 SMP Debian 5.4.13-1kali1 (2020-01-20) i686 GNU/Linux I have installed java jdk-8 in my machine it also a 32bit operating system.The issue I'm facing is whenever i try to...

Unable to change "throttle"

Hey Guys, Today I installed Burpsuite v5.1 and now I am unable to change the "Throttle" under Intruder What do I do now? Could you please tell me how do I change this? Any resolution would be much...

Burp Enterprise Edition - Not working

The burp enterprise edition is not working. When I try to access it on localhost:8080 it gives a can't reach this page error.

Burp not regenerate Certificate / doesn't intercept https with error: no cipher suites in common

Hi I'm using Burp pro 2020.4.1 jar file in windows 7 64bit with java version 11.0.7 2020-04-14 LTS Everything is work fine in running burp, but when i wanted to configure burp and my browser and my android (v 4.4) to...

Use GraphQL API to initiate a scan and perform delta

How can I use Burp Enterprise GraphQL API to initiate a scan (using an app. name or URL) and perform a delta (compare between new and old scan) Can you please provide the exact syntax / query to do the above tasks. Thanks!!

How can I get the type id for issues?

Hi, I want to know how I can get the type id of the issues. In burp's extender api IScanIssue, getIssueType() is returning a different id than the type index I see on the issues definitions. Where can I find the numbers...

Call GraphQL API

I'm having trouble calling GraphQL API on our Enterprise BurpSuite server. For example, our burpsuite enterprise URL is http://<BURPURL> I tried calling ScanReport GraphQL API via Postman as follows: Endpoint:...

unclear lab instructions

IN the lab: Username enumeration via response timing, I find the instruction #2 difficult to understand. It says: #2. Identify that the X-Forwarded-For header is supported, which allows you to spoof your IP address and...

How to configure the latest iOS device for mobile device interception

Hello Is it still possible to configure the iOS mobile device iPhone to configure so that we can intercept the iPhone traffic using burp suite pro? I tried but failed. Thanks

Help interpretation of stack trace for DOM based issues

Hi everyone! I would like to know how you would interpret the following two different stack traces which I recently found while doing a web PT. I know the findings are false positives but I would know how can one...

Burp Scanner Found Dom Based Open Redirect

Hello, My Burp Scanner Found DOM Based Open Redirect. I tried to execute this open redirect several time but i don't get any result . can you tell me , is it False Positive ? =function(e){var...

XPath Injection Validation

One of our developers working this problem asked why they are getting the following (Some: Control Cookie contains blacklist: ' in ASP.NET_SessionId=XXXXXXX; __AntiXsrfToken=XXXXXX99228b4d7 But when they attempt to...

fatal alert: handshake_failure

Hello, I am using BURP PRO v1.7.37 and my Java version is jre1.8.0_162 I have imported burp certificate in browser as a trusted root (I am using chrome browser) But still i am getting error "Received fatal alert:...

CA certificate not Working

I install CA certificate into my Chrome browser in Trusted Root category and after restarting Chrome I open the list of Trusted root certificates and there was portswigger's certificate present. As I am Using Windows 10 PC...

downgrade enterprise version

We are on Enterprise 2020.5 (latest version) and would like to downgrade as the current API is not yet supported by our vulnerability management platform. Can you please help on this one?

Site configuration | authentification

Hello, I am not quite sure how to parameter a login for a website. The documentation is quite vague. Could you give me more information, I do not see how to precise which fields has to be fullfill and what if I have more...

How do I copy an entire request from Burp Pro to Burp Community & manually check it for issues ?

Dear Support Team, I have a POST request via Burp PRO and I want to use community edition and recreate the same scenario to re-validate a CSRF. I am trying community edition to see how can I use it for manually...

Activation

Why did you remove automatic activation? I have not used Burp for more than a month, now I installed it, I wanted to use it, but it says to me that activation is failed. Now I have to wait until you reset it to me. It is...

encountered the license issue on burp enterprise

Hi, I can login to Burp Enterprise. After I login, I get "An unexpected erro occurred. If this problem persists, please contact support@portswigger.net". and there is the word License. Can you let me know if this is the...

Cross Site Scripting (DOM-BASED) Issue Logged

Burpsuite has logged Cross Site Scripting (DOM-BASED) Issue for one of our application. Following static analysis is provided, Data is read from document.location.pathname and passed to document.write() via the following...