How do I? - Page 261 - Burp Suite User Forum

Burp Compatibility with GWT(Google Web Toolkit)

While doing the Burp(v1.7.27) Scan URLs using GWT plugin(Gwtscan.jar), Downloaded from the given location: https://www.gremwell.com/burp_plugin_for_scanning_gwt_and_json I am getting the following error: [4]...

How to see the documentation of rest api

II installed the beta version of burp , and able to access http://localhost:1337/v0.1/ using key. But I want to see the documentation of rest api , how do I do that I tried http://localhost:1337/v0.1/<key>/api-docs it does...

Opening saved project using CLI

I have saved my burp project in the .json format (Burp menu-->Save a copy of project). Now i have to open the saved project in burp suite using CLI and scan the url of the project.Could you provide the steps to execute it?

Burp Enterprise Basic Authentication

I'm evaluating Burp Suite Enterprise and struggle to authenticate the scanner. I added the credentials to the site's application log configuration. But the scanner does not recognize them or create a "Basic Authentication"...

How to intercept responses from Oracle ADF

I am trying to intercept traffic on an application that has been built using Oracle ADF. I am observing in the Proxy history that some URLs are being rapidly replaced/deleted. When they get replaced, it looks like there is a...

smart card client certificate Error signing certificate verify

Hello! I want to test a a web page which uses client certificate for authentication (smart card -pkcs11). If I connect to the page without Burp proxy I can log in. If I set the client certificate in Burp's User...

Crawling is Incomplete

I have a site where / redirects to a maintenance page. I've used the Discover Content tool to enumerate a number of pages on the site. I now want to crawl all of the enumerated pages to discover more content. When I start a...

position marker issue

Position marker is getting set wrongly by default... see the screenshot in below pic... https://photos.app.goo.gl/Xmxfjk6afmVAKN8DA how do i fix this issue ?

Order number: FAB0EF2C4E

Just placed a Reseller Order. Just need help with the processing of the order.

Link Manipulation (DOM-based)

Hello, I'm scanning a website using Burp and I got the following issue, which I'm trying to replicate. However, I'm not really understanding what was injected and the supposed response. Could anybody help me clear this...

Showing insecure connection in firefox even after installing burpsuite certific

Hi All, I am trying to work in burp suite and have configured it with the latest firefox. After that I installed/imported the burp suite certificate and it is showing under the view certificate section. Next, when I try to...

Problem on reproducing the issue BurpSuite Reported

I am working on a project in which the BurpSuite's scanners report me there is a reflected xss vuln in there . The payloads is as : zhenw'-alert(1)-'xcwq The payload is working without any problem till I use "Show...

Burp Suite Enterprise Crawling

How do I verify that it is actually crawling the website and finding the correct logins or resources? We have a site that hosts a variety of different tools with the need to login. Where do I see if it gets to the subdomain,...

[Android] Intercept Traffic Issue

ok straight to the point : Device : Android 5 (Already Inject Certificate from burp suite) Burpsuite : 1.7.37 i try browsing to google to make sure certificate installed correctly by NOT displaying "your connection...

Close http request if time takes more than limit.

I'm using intruder attack to check if otp is valid and then use that otp for different transaction. but one otp is allowed for single transaction. if otp is validated then i get response 'otp already consumed' else i get...

Multiple instances (users) on one server

Dear All, I bought four licenses for Burp Suite Professional edition. I would like to run all instances of Burp on a single Linux server. (One instance per user) Do I need to take care about anything with such setup?...

Using in burpsuit in private organisation network

Hello, My organisation uses automatic configuration scipt in the network for connecting to the internet. I am trying to configure burpsuit in these environment and tried proxy settings as "127.0.0.1:8080" but unable to...

Abandant issue

Can you please suggest me that how to avoid getting abundant issue during scanning..?

Surveys

Hi. I have seen in different apps and websites that you can win free gems, coins, diamonds, or whatever. Or there is "Generators" that require human verification. However, I have tried doing the task they want me to do (Yay...

Deleting scanned items

In older version of Burp Suite, 'Delete Scanned Items' used to exist. that was helpful in clearing the queue. With latest version, that option is not visible(only Hiding is available). As a result , I have to close and start...