Burp Suite User Forum
The "Viewstate" tab shows up on requests with VIEWSTATE in them, and decodes them nicely. I can't seem to get it to show up for responses though. Whilst the next request nearly always contains the previous response, it...
Hi Guys, Looking for quick help how can we get an XML report with base64 as false <request method="GET" base64="false">. I mean I need request and response in plain text rather than base64 encoded. I ran burp in headless...
hello support and folk ... im trying to send an exploit to server vlun to : Apache Struts2 Remote Command Execution (S2-052) the payload is : <map> <entry> <jdk.nashorn.internal.objects.NativeString> ...
How to print out a report from Burp suite after a scan.
Hello Team, Hope you are doing well! Currently i am going through the training materials under Web Security Academy and i must say that you have explained the topics very well! I am also following up through Lab...
Hello, I recently switched to Burp Pro v2.1 from v1.7.34 and I can't seem to find the "Passwords" option under the "Burp" drop down menu. I can't keep test credentials in the burp project file unprotected. Where is...
Is there any issue with Jre10. I get this pop u: Burp is not tested for this edition. Some features may not work. And I do not get any RAW data in the RAW tab. But the data gets intercepted. I get intercepted...
I have a scenario where I am trying to take the output from an initial request's response and feed it into a second request. This can be done with traditional PARAM_BODY and PARAM_URL parameters using a macro (pre or post)...
Good morning, we can´t burp suite enterprise installation because it show invalid user in login, our number of ref. is Qro0618. Thanks for your attention.
I've been trying to intercept HTTP requests from WebGoat in both IE and Chrome via Burpsuite's proxy function the past few days. WebGoat is functioning as expected as I can see the site which is running on my host computer...
Am asking the very basic question but am looking to configure first build for security test , can you share sample script to configure the brup suite enterprise scanner into azure using powershell ..thank you I know you...
Hello Team, I need help. I have couple of login requests and only when the last request is fired, the server sends the cookie. But the problem here is my 3rd request out of 5 requests, contains a dynamic URL part which...
Is it possible or are there any extensions to group Repeater tabs? For example, Group 1 could contain all webapp1 requests and Group 2 could contain all webapp2 requests.
I am trying to solve the CSRF exercise/tutorial. I'm new to burp/port swigger. Here is a link to the exercise: https://portswigger.net/web-security/csrf/lab-no-defenses The solution I came up with is this: <form...
I am not able to generate the HTML report for Burp suite Intruder
Hello support, in the last version of burp I see that it is possible to reply websocket with repeater tab. but my problem is that when the websocket connection has been connected but after put a command message it...
can you help me I am getting an error in the lab for MySQL and Microsoft version check query even solutions is also not working apart from the version I tried other things to check column and still giving an error. ...
Using Intruder, within a string, I need to cycle between two values in one payload, in sync with brute forcing another payload. I have an ID of pattern XXXXXX-[(3|4)][0-9A-Z]{3}. For each 3 character value in the second...
Hello, I'd wish to edit and resend websocket data, like we do for HTTP requests. Is that something doable?
I'm sorry if this has been answered already but I have looked everywhere for answers and nothing has solved my issue. I have configured burp to fire fox but when I fire up a web page I get an error message that reads...
Page 249 of 312
Your source for help and advice on all things Burp-related.