How do I? - Page 268 - Burp Suite User Forum

viewing and modifying spider queues

There are x number of requests queued in Spider and y number of forms queued. How can we see these queues (and modify them)?

Where is the physical location of the "CA Cert" Burp uses?

Under https://portswigger.net/burp/help/proxy_options.html#listeners_requesthandling it states"Burp creates a unique, self-signed Certificate Authority (CA) certificate, and stores this on your computer to use each time Burp...

Export "Certificate in DER format" vs "Private key in DER format"

I'm confused by two options in "Proxy>>Options>>Export CA Cert". What is the difference between "Export Certificate in DER format" and "Export Private key in DER format"? 1. If I "Export Private key in DER format",...

JefferyVor

<a href=http://purchaseviagrafrompfizer.com/>viagra uk cheap purchase buy </a>

MichealOl

<a href=http://wheretobuyviagraonlines.com/>viagra online order uk </a>

RichardNus

<a href=http://www.viagraforsalecheapest.xyz/>viagra sale </a>

high contrast colors

Hi, in "Target >> Site map", entries are colored black and gray. Is there any setting in options to change the colors to a "high contrast" pair? My eyes can't quite tell the contrast between black and gray.

multiple sessions

How can we run 2 individual sessions of Burp Suite concurrently? For example, if we need to switch between two work cases frequently.

Binding proxy to "127.0.0.2"

How can I bind to "127.0.0.2" ? under "specific address" option, there is no such pre-populated option. Also the UI does not have a way to manually input "127.0.0.2".

How does "Remove all JavaScript" work?

Does it only scan the response for <script></script> tags and remove those from the response? What about stuff like <input onclick="alert(1);"> And also, how does the removal work when faced with unequal opening and...

Burp is intercepting while "Intercept off".

I have intercept set to off. However, Burp is still intercepting my responses. This can easily be tested and verified by ticking some of the entries in Proxy>>Options>>Response Modification. Burp is clearly intercepting...

Burp Suite Documentation

Hi, Where can I find the link to download the documentation in PDF format. Thank you.

Burp Manual?

We're looking into possibly purchasing your product. Is there a good training course or a detailed technical manual in using the full functionality of Burp Suite Pro? Thanks Jane

burp active scan

Hi, I am testing a web page (a form) that allows you to make the changes for several fields. The form has several parameters in POST request (name and value pair in the body). If you do not make any changes, and hit submit,...

Scanner Issue activity

Hello, How can I preserve the "issue activity" contents across restores? Thank you

Severity Ratings

I understand that the severity ratings are defined based upon the experience of your security researchers and and seeing the vulnerabilities in real applications. What I have not yet been able to identify is what exactly a...

Hex encoded characters in custom parameter from macro response

I'm trying to work with a JSF application that uses a ViewState parameter as a CSRF token. I have setup a macro to grab the token and use it in requests, but character encoding is preventing this working. The response...

How do I make Burp settings persistent?

Hi, I'm running the Burp Suite Free Edition v1.6.32 on Windows 7. When starting the jar file, I'm getting a pop-up "Delete old temporary files?", which I don't delete, then I can use the app. But the settings set in...

Proxy Issue - Browser Hangs??

I set up Burp proxy as per documentation, but when I request a URL it shows in the http history tab but the page then hangs in the browser window, tried in Chrome, Firefox and IE. Can't figure our what the issue is... Any...

Test application with random parameter names

If there is any possibility in Burp to use Intruder or Scanner to test an application which sends in each request random parameter names? Application works in this way, for each page: - generates parameter names, I see...