How do I? - Page 268 - Burp Suite User Forum

1539392247666 Proxy [3] The client failed to negotiate an SSL connection to gateway-carry.icloud.co

Hello, I am trying to connect burp to my phone. I make proxy listener on all interfaces and on port 8080. I then go to my ios device and connect to that proxy. I open up anything and it says "1539392247666 Proxy [3] The...

what payload type I should use in intruder , if password pattern has characters that are known

I am trying to brute forcing a login page using the intruder , attack type cluster bomb , I have defined the payload set 1 for username , in payload set 2 I want to brute the password , noting that I know that the pass...

I can get response in browser but can't when go through Burp

I'm using Burp to find the real video file URL of a web page. I can play the video without any issue in the browser. However, when I set the browser to go through Burp, it simply didn't get the response and wait...

Second User

Hi. Is there a way to create a second user for logging in to https://portswigger.net/users/youraccount? Actually we only have edv@reval.com. Thanks

BurpSuite Enterprise - Agent Health Status: Ouf of Disk Space

Hi everybody, Agents (1.0.04beta) seem to require at least 5GB free space in /tmp. That's what enterpriseAgent.log tells me: 2018-10-12 11:01:50 WARN n.p.enterprise.common.health.e - HealthCheckResult{type=10001,...

Automate Burpe with login Credentials

Hello All, I have two different websites I currently manually scan, both of them require me logging in to scan and spider. I was looking to automate my process with Carbonator but it doesn't seem to have a way for me to...

Network Traffic Control

Hi Support Center Members, We want to control the Network traffic(is caused by Burp) while we are conducting the "Scanner." Is there any function to control the Network traffic or use case(outside the function)? And...

Permission Denied: Connect Error

Whenever I try to open a url with http:// it comes up with an error, Permission Denied: Connect. I am using community edition and firefox. Thanks in advance

'Interface port 8080 is not running'

Hi, I am using Burp Suite 1.6 Free Edition. in proxy option and proxy Listeners section my Interface (127.0.0.1:8080), Running Check Box is not checked ! how do i?, i click the CheckBox but nothing to show. pls help me pic...

Can not using burp when application added Clouldflare

when i try to run my application , i got : Your connection is not private Attackers might be trying to steal your information from x.com (for example, passwords, messages, or credit cards). Learn...

Change parameter submitted during ActiveScan

After migrating to 2.0+, where can we modify the values submitted (POST) during an Audit scan (e.g. Peter Winter, etc.)

Burp Collaborator question

Hello, I hold a licence for Burp PRO and have a question about Burp Collaborator. A few days ago I ran some active scans against an application (some scans were run against a "request support/add ticket" kind of...

Static Application Security Testing

Our team has been discussion implementing SAST for our PHP code to help identify issues earlier in the development cycle. Would please provide a "How To", diagram, helpful hints etc on how we would accomplish this task? ...

How to intercept info comming threw the command prompt window, not http?

Hi, I am running an x-client on my pc and want to use Burp to intercept the info for a Cluster bomb attack. I can set up Burp to intercept data from a website but how do I set it up to intercept data that just runs in a CMD...

base64

Hi, I want to use Intruder to fuzz param1 and param2 in a base64 encoded payload: Intercepted POST request body: data=cGFyYW0xPTEyMzsgcGFyYW0yPTQ1Ng== Decoding "data": param1=123; param2=456 I figured out...

Crawler throttle options

Hello, The old spider engine has throttle between requests options but I cannot find them with the beta version Crawler?

Reporting on the evaluation version Burp Suite Enterprise Edition

I'm current evaluating Burp Suite Enterprise Edition Version: 1.0.03beta-804 and I managed to perform the scan and see the results however I cannot find any reporting option. Is this available on the evaluation version?

How do i delete the host from site map?

I want to delete host from site map using REST API/Burp Extender. How to achieve this?

Reuse the URLs captured using intercept on one host to run active scan on other host

Hi, I need to run active scans against a set of URLs on multiple hosts (of same application with minor application version differences, however, these URLs under test do not differ.) Is there a way that I can reuse the...

create payload rule to reject or bypass payloads with duplicate characters

for example: I don't want burpsuite to try passwords like these: egraaaaa hidbbbbb hfkkkkkka ewsaaaas any word with duplicate letters more than 4 characters should be skipped. please help .