Burp Suite User Forum
For support requests, go to the Support Centre. To discuss with other Burp users, head to our Discord page.
It does not appear to be possible to run _passive_ scan rules on one or multiple requests. There used to be an option in the right-click menu in proxy, target and other.
Hi Team, I want to know how to use burpsuite pro shipped with burp enterprise version. Is it possible to use it or trigger it with vmware/burp-rest-api. Kindly let me know how this can be worked on?
We currently pay for the Pro Edition however numerous cases have arisen to develop tools for continued use by other individuals who currently do not pay for the Professional Edition. Is there any support for Extensions in...
hi, i have PC for penetration test for internal application. but i suspect my PC has been hacked by other stranger. how burpsuit pro track this 'stranger' or assessment my PC to prove my PC have been hacked ?
Dear Support, I tried the challenge to receive the /etc/hostname using the following: Initial XML in HTTP request: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE foo [ <!ENTITY % xxe SYSTEM...
Is there a way to customize the reporting to show OWASP top 10 report or how can we get OWASP top 10 reporting? Thanks
How can I extract Json Report from the scans from Burp Enterprise?
During the manual audit/scan, why does the burp logsout the application under audit/scan? During the audit/scan, some of the requests are resulting in request timed out? Is it expected and what could be the...
hi, i have PC for penetration test for internal application. but i suspect my PC has been hacked by other stranger. how burpsuit pro track this 'stranger' or assessment my PC to prove my PC have been hacked ?
I use burp professional version, I click new scan task, it asks me to define crawling and auditing parameter, I use default setting, i can't find xss and csrf, so any parameter need to be changed in audit setting so we can...
Hi Team/Friends, I am having a bit of trouble setting up Burp with Firefox. I change the network setting of Firefox to 127.0.0.1:8080 and in burp the settings are normal. If I turn the intercept on, burp start to...
Any tips while pen-testing Flutter based Android apps? Since it ignores system proxy and user/system CA certificates you cannot use burp suite easily. I found a couple of blogs but they suggest patching etc. Is there any...
Hi Portswigger, For installing BurpSuite Enterprise for evaluation purpose, we are going with bare minimum requirements. The documentation shows this: Enterprise server machine Agent...
I have recently upgraded to Burp Suite Pro 2.1.04. Previously I could spider my application but using the new crawler I immediately encounter the following exception and can't seem to get much further. ...
Burp has created 3 different DOM XSS issues with this description with High Severity and Firm Confidence The application may be vulnerable to DOM-based cross-site scripting. Data is read from window.location.hash and...
I am using Crawl with Bup Suite 2.0. In Burp Suite 1.0, there was a “Form Submission” item in Spider, and “Prompt for guidance” could be selected. Is it possible to make similar settings in Crawl of Bup Suite 2.0?
Hello, I am using the Burp API to automate the scans on Burp Suite v1.7.31 After creating a macro, I am supplying credentials and I am able to login later using the macro. However, Burp is only able to spider or crawl...
Hello guys... I'm using burp suite for the first month it works perfectly later i stopped using this for a while due to my studies and extra works... Now when i'm using now it doesn't works as usual and it shows...
hi PortSwigger, Do you have any cloud formation scripts to install the enterprise server and the agents, say all in one machine (or more?) Thanks, --Jyothsna
I try to install the rotation.py on my macos it say that sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at...
Page 263 of 331
Your source for help and advice on all things Burp-related.