Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Exporting site map

Hi, I am developing an extension that will perform the same functionality as it can be done manually by right clicking on items in Target's site map or Proxy history and then selecting "Save items". Using manual process I...

Last updated: Nov 12, 2019 12:09PM UTC | 3 Agent replies | 2 Community replies | How do I?

Burp API

Hi, team! I want to automate BurpSuite scans using burp's REST API (https://portswigger.net/blog/burps-new-rest-api) but receive errors when sending requests to start the scan. I run burp in headless mode. My request...

Last updated: Nov 12, 2019 08:27AM UTC | 1 Agent replies | 1 Community replies | How do I?

Turn off crawling in enterprise?

Is there a configuration which will let me not crawl the site I'm crawling at all and JUST scan the URL(s) provided? I have an application which contains the ability to self-register a user, and I'd like to be able to...

Last updated: Nov 11, 2019 03:32PM UTC | 1 Agent replies | 0 Community replies | How do I?

JSON Response hidden data

Hey there burp community, Here is my question : I was using the repeater tool to send requests and in the response some of the data was hidden/censored by an asterix (*) (eg....

Last updated: Nov 11, 2019 09:20AM UTC | 1 Agent replies | 0 Community replies | How do I?

i can get in 'http://burp/' but other websites

i run proxy 127.0.0.1:8080 with burp suite and set chrome or firefox proxy at 127.0.0.1:8080, finally,i just can enter 'http://burp/' to download certificate . and all the other websites, i couldn't get in .why? why?

Last updated: Nov 11, 2019 08:55AM UTC | 1 Agent replies | 0 Community replies | How do I?

How do I run passive scan on a specific request

It does not appear to be possible to run _passive_ scan rules on one or multiple requests. There used to be an option in the right-click menu in proxy, target and other.

Last updated: Nov 11, 2019 08:38AM UTC | 1 Agent replies | 0 Community replies | How do I?

How to use burpsuite pro shipped with burp enterprise

Hi Team, I want to know how to use burpsuite pro shipped with burp enterprise version. Is it possible to use it or trigger it with vmware/burp-rest-api. Kindly let me know how this can be worked on?

Last updated: Nov 11, 2019 08:28AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Extender support in Free Edition

We currently pay for the Pro Edition however numerous cases have arisen to develop tools for continued use by other individuals who currently do not pay for the Professional Edition. Is there any support for Extensions in...

Last updated: Nov 11, 2019 02:11AM UTC | 3 Agent replies | 3 Community replies | How do I?

how burpsuit pro track this 'stranger' or assessment my PC to prove my PC have been hacked ?

hi, i have PC for penetration test for internal application. but i suspect my PC has been hacked by other stranger. how burpsuit pro track this 'stranger' or assessment my PC to prove my PC have been hacked ?

Last updated: Nov 08, 2019 10:45PM UTC | 2 Agent replies | 2 Community replies | How do I?

Web Security Academy - Blind XXE Lab 3 ("Exploiting blind XXE to exfiltrate data using a malicious")

Dear Support, I tried the challenge to receive the /etc/hostname using the following: Initial XML in HTTP request: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE foo [ <!ENTITY % xxe SYSTEM...

Last updated: Nov 07, 2019 07:11PM UTC | 1 Agent replies | 2 Community replies | How do I?

OWASP top 10 reporting?

Is there a way to customize the reporting to show OWASP top 10 report or how can we get OWASP top 10 reporting? Thanks

Last updated: Nov 07, 2019 11:48AM UTC | 3 Agent replies | 2 Community replies | How do I?

Extract Json Report from the scans from Burp Enterprise

How can I extract Json Report from the scans from Burp Enterprise?

Last updated: Nov 07, 2019 08:20AM UTC | 1 Agent replies | 0 Community replies | How do I?

Application Login Session

During the manual audit/scan, why does the burp logsout the application under audit/scan? During the audit/scan, some of the requests are resulting in request timed out? Is it expected and what could be the...

Last updated: Nov 06, 2019 01:28PM UTC | 1 Agent replies | 0 Community replies | How do I?

how burpsuit pro track this 'stranger' or assessment my PC to prove my PC have been hacked ?

hi, i have PC for penetration test for internal application. but i suspect my PC has been hacked by other stranger. how burpsuit pro track this 'stranger' or assessment my PC to prove my PC have been hacked ?

Last updated: Nov 06, 2019 12:01PM UTC | 1 Agent replies | 0 Community replies | How do I?

burp setting

I use burp professional version, I click new scan task, it asks me to define crawling and auditing parameter, I use default setting, i can't find xss and csrf, so any parameter need to be changed in audit setting so we can...

Last updated: Nov 06, 2019 08:41AM UTC | 2 Agent replies | 2 Community replies | How do I?

Trouble with configuring Burp with Firefox

Hi Team/Friends, I am having a bit of trouble setting up Burp with Firefox. I change the network setting of Firefox to 127.0.0.1:8080 and in burp the settings are normal. If I turn the intercept on, burp start to...

Last updated: Nov 06, 2019 01:53AM UTC | 1 Agent replies | 2 Community replies | How do I?

How to use burp with flutter based Android applications

Any tips while pen-testing Flutter based Android apps? Since it ignores system proxy and user/system CA certificates you cannot use burp suite easily. I found a couple of blogs but they suggest patching etc. Is there any...

Last updated: Nov 05, 2019 01:10PM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Enterprise Support

Hi Portswigger, For installing BurpSuite Enterprise for evaluation purpose, we are going with bare minimum requirements. The documentation shows this: Enterprise server machine Agent...

Last updated: Nov 05, 2019 08:33AM UTC | 1 Agent replies | 0 Community replies | How do I?

Encountering javax.net.ssl.SSLException: Unsupported or unrecognized ssl message when crawling

I have recently upgraded to Burp Suite Pro 2.1.04. Previously I could spider my application but using the new crawler I immediately encounter the following exception and can't seem to get much further. ...

Last updated: Nov 04, 2019 09:01PM UTC | 2 Agent replies | 1 Community replies | How do I?

Cross-site scripting (DOM-based)

Burp has created 3 different DOM XSS issues with this description with High Severity and Firm Confidence The application may be vulnerable to DOM-based cross-site scripting. Data is read from window.location.hash and...

Last updated: Nov 04, 2019 10:16AM UTC | 1 Agent replies | 0 Community replies | How do I?

240 241
242
243 244

Page 242 of 311

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image