How do I? - Page 243 - Burp Suite User Forum

How to use burp with flutter based Android applications

Any tips while pen-testing Flutter based Android apps? Since it ignores system proxy and user/system CA certificates you cannot use burp suite easily. I found a couple of blogs but they suggest patching etc. Is there any...

Burp Enterprise Support

Hi Portswigger, For installing BurpSuite Enterprise for evaluation purpose, we are going with bare minimum requirements. The documentation shows this: Enterprise server machine Agent...

Encountering javax.net.ssl.SSLException: Unsupported or unrecognized ssl message when crawling

I have recently upgraded to Burp Suite Pro 2.1.04. Previously I could spider my application but using the new crawler I immediately encounter the following exception and can't seem to get much further. ...

Cross-site scripting (DOM-based)

Burp has created 3 different DOM XSS issues with this description with High Severity and Firm Confidence The application may be vulnerable to DOM-based cross-site scripting. Data is read from window.location.hash and...

Burp 2.0 Crawl Form submission

I am using Crawl with Bup Suite 2.0. In Burp Suite 1.0, there was a “Form Submission” item in Spider, and “Prompt for guidance” could be selected. Is it possible to make similar settings in Crawl of Bup Suite 2.0?

Burp Automated Scan using Macro not spidering all url's

Hello, I am using the Burp API to automate the scans on Burp Suite v1.7.31 After creating a macro, I am supplying credentials and I am able to login later using the macro. However, Burp is only able to spider or crawl...

Got strucked.. Cant know what to do

Hello guys... I'm using burp suite for the first month it works perfectly later i stopped using this for a while due to my studies and extra works... Now when i'm using now it doesn't works as usual and it shows...

Do you have any cloud formation scripts

hi PortSwigger, Do you have any cloud formation scripts to install the enterprise server and the agents, say all in one machine (or more?) Thanks, --Jyothsna

Irotate

I try to install the rotation.py on my macos it say that sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at...

Ip rotate

I'm on macbook and I try several time to install ip rotate on macos I already install the jython for the environnement my question is do someone is mind to help me with that because I always got a problem with the...

BurpSuite Enterprise and Jenkins

When using Jenkins to build with BurpSuite Enterprise, the following error gets produced: " java.lang.IllegalArgumentException: Must provide a certificate in PEM format". What certificate is it referring to, is this the API...

how to use a client certificate that doesn't have a password

I have a client certificate that is required to access a website I need to run Burp Suite Pro against but the certificate does not have a password. Is there a way of not specifying the password when trying to configure the...

Burp Pro 2.1.04 - Cannot Audit JavaScript Application After Manual Crawl

Situation: Currently I'm performing a security assessment of a webapp hosted on a windows server that uses angular.js as its web framework. To be able to crawl the webapp manually (after some research I figured out this is...

'http://burp' redirects on 'http://www.inert.com/'

Hello, I would like to get CA Certificate for Firefox, according to userguide 'https://support.portswigger.net/customer/portal/articles/1783087-Installing_Installing%20CA%20Certificate%20-%20FF.html' but when I go to...

Burp Suite can't Captureing Data? Intercept not working?

Dear Watchers Asslamualaikum. so most of users facing a problem with burp suite. which is burp suite cant capturing data or intercept not working . Well dont worry i made a tricky way to fixed this . watch my video to fix...

Burp Enterprise Scan Failed

The burp enterprise scan sometimes results in failed scan. The two of the most common errors : 1. Lost communication with BurpSuite 2. 10 consecutive audit items have failed What's the troubleshooting and problem...

http request summgging and CORS poc

By checking from the website, there are one article refered to http request smugging and another article for CORs exploit. these two articles are quite theoritic but in order to test and proof of concept in Burp, is there...

Asks for License key every time when I load from Command Prompt

I am using Burp Pro in Windows. In GUI mode, I am able to start 2 or more instances of Burp and able to work with different projects at the same time. But, when I try to do the same in the same machine via Command...

Burp crawl and audit fails against the DVWA.

Hi, I'm using burp's crawl and audit scan to find as many issues in the DVWA as possible. However, the configured "Application login" fails to log in the application and perform an authenticated crawl and scan. The crawl...

Move Database

Is it possible to move the Enterprise database to another volume/disk without re-installing the application?