How do I? - Page 271 - Burp Suite User Forum

Headless license install with linux binary

If I use the linux installer to install Burpsuite Pro (rather than running the .jar), is it possible to provision the license headless, similar to what is described in the automated install...

vulnerable to DOM-based cross-site scripting

Is it possible to exploit ? var redirectUrl = $(location).attr('href'); $(location).attr('href', 'Url' + redirectUrl);

unable to add cacert of Burp in Mozilla 68.0.1

Hi.. im using burp v1.6. tried to add ca cert, but even after import i cant see in certificates tab.

Transfer Burp Suite Enterprise License

I installed and activated my enterprise license on a local virtual machine while testing the installation and deployment process. I've completed the installation to my production environment but can no longer use my license...

Scan unusual ports

I have setup my Scope with 50 or so IP addresses. When I try and start a new scan using unusual ports off those IP addresses Burp Pro 2.1 tells me that these URLS to scan are out of scope. I've tried adding them...

Save Task Execution Project Options

Is it possible to export and import the Dashboard "Task execution" settings, "Live passive crawl" settings, and "Live audit" settings so that they can be automatically used when Burp is next started? For example, can a user...

The login script on the new Burp version

Hello, in the older Burp version there was an option to make a login script, which would initiate during spider or scan functions. That script had options to check for session validity, have a custom login flow sequence...

net flix

i want netflix account

Burp Collaborator

Hello, I'm trying to setup a private burp collaborator server the only things I have: Kali machine in a VM and burp No internet connection, just a single machine to work with how can I setup the collaborator in this...

How to pass through HTTP traffic

Hi guys, When performing a pentest, I often don't want to define scope rules because I can never know which hosts the main application is requesting. So to reduce the noise in the history section I use SSL pass through to...

about copied link from show response in browser

hey, is there any way to check a the data for the URLs copied from show response in browser function.... ??? because i found same bug on several websites but the thing is that time i didnt know that it was a bug.. now i...

Unable to capture request through burp suite

Hi, I am unable to capture requests in burp suite if SSL is been integrated. How do i capture requests through burp suite if SSL is been integrated?? Can anyone help me with this issue?? Thanks

how many target can we scan?

Hi, would you please clarify me about how Burp enterprise scans vs. Acunetix?! in summary, Acunetix is target base and you should by a license based on the targets that you need. for instance, if you have 100 subdomains...

dqwwdw

<b onmouseover=alert('Wufff!')>click me!</b>

unable to create new user

I have not yet configured email settings, I create a new user and copy the registration link that I provided to the newly created user. When the new user opens that link it is showing "This link has expired"

inspect connection between burp and portswigger.net

Hello, burp support ! Tell me please. How can I inspect connection between my burp pro and its basic web site (portswigger.net). If I set burp connection through ssl mitm proxy - my burp gives me error about wrong...

web

When I apply for the Professional Edition, I am prompted to receive an invalid email address. what should I do? email address : admin@ituoch.net

What are the system requirements for Burp Suite Professional

What are the system requirements for Burp Suite Professional (single user licensed)

How we send brute force attack with different ip address for every single request ?

Hello anyone, How can we do brute force attack or sending many request to the server with different ip address for every single request ? Thanks Best regards, Gnux

Disabling URL Encoding in Spider

Hi, Intruder has a feature that allows the user to specify whether or not special characters should be URL-encoded. Is there a similar feature for custom values submitted with the spider?