Burp Suite User Forum

Create new post

Parse cookies from proxy history

With Burp Pro, is there a way to parse/extract all cookies with a certain name from the proxy history? I currently have no way of requesting the generated cookie for the web-application and I want to use the Sequencer...

Last updated: Oct 31, 2018 12:29PM UTC | 1 Agent replies | 1 Community replies | How do I?

Enterprise Beta - Are workflows a feature yet?

Hi team, I am trialing the enterprise beta edition and just wondering if there is any feature available or in the pipeline for adding your own workflow steps? Currently can't get the scan agent to get past a terms &...

Last updated: Oct 31, 2018 08:50AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Interception

I have set the Burp proxy as recommended, when I put IP in search bar(URL) it loads the page but for further page even if I click on forward button in burp it doesn't load the page

Last updated: Oct 30, 2018 07:46AM UTC | 1 Agent replies | 0 Community replies | How do I?

burp problem

hi dear : i have problem with the burp suite 1- i download CA Certificate 2- i import the Certificate in my Browser's authority certificate 3- i get permission for trust but is not work i don't know why

Last updated: Oct 29, 2018 07:44AM UTC | 1 Agent replies | 0 Community replies | How do I?

Unable to configure Burp with a web application which prompts 3 certificates while accessing

Hello Team, We are working on a web application where the application requires 3 certificates (with .p12 extension) which are related to Admin user 1, 2 & 3 are to be installed post that the application will be accessible...

Last updated: Oct 26, 2018 12:46PM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp new rest api feature

Hi, I am trying to use rest api feature on my professional. But getting the problem with the POST call, when I send the post request with the URL, it is not doing the proper crawling and scan. And when I am sending data for...

Last updated: Oct 25, 2018 10:24AM UTC | 1 Agent replies | 0 Community replies | How do I?

How do I intercept and Add to Site Map requests PUT/UPDATE/HEAD/DELETE

Hello, I am just in the middle of Web Service Pentest - REST API. I received Swagger documentation and right now I am trying to spider all the endpoints and methods to Burp. Problem is, I am not able to intercept any...

Last updated: Oct 24, 2018 02:30PM UTC | 1 Agent replies | 0 Community replies | How do I?

BurpSuite Enterprise - Agent does not use upstream proxy server

Hi everyone, I am currently evaluating Burp Enterprise. I installed all components on the same machine. On this machine I need to use a proxy to reach the Internet. This proxy listens on the loopback interface. I've...

Last updated: Oct 24, 2018 01:31PM UTC | 1 Agent replies | 1 Community replies | How do I?

SnipSegment

Dear Support Center, Now I`m using REST API to check a happend issue and its response and request. But the data we`ve got the following API command does not have the all response. curl -vgw "\n" -X GET...

Last updated: Oct 24, 2018 11:16AM UTC | 1 Agent replies | 0 Community replies | How do I?

Download zip files for further testing from an intruder attack

I am running an intruder attack where the response is a zip file. How can I save the zip files into a folder automatically so that I can do further custom testing using them? Thank you.

Last updated: Oct 22, 2018 07:20PM UTC | 1 Agent replies | 1 Community replies | How do I?

Cross-site scripting (DOM-based)

Hi, When I am doing an active scan on a website, I got an issue name Cross-site scripting (DOM-based) with Severity: High Confidence: Tentative Issue detail The application may be vulnerable to DOM-based...

Last updated: Oct 22, 2018 09:46AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp CA in System and Google Play Store still report No internet connection

Burp CA installed as trusted on the Android Nougat OS level rooted device, but Google Play Store still inform that there is "No internet connection. Make sure WiFi or cellular data is turned on, then try again". Other app...

Last updated: Oct 22, 2018 08:26AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp scan time duration

Hello Team, Is there any way to calculate the live scan time or duration, I mean how much time will take for the scan. please implement this in the scanner, that people get to know how much will take in the live scan

Last updated: Oct 22, 2018 05:03AM UTC | 1 Agent replies | 1 Community replies | How do I?

Integration of Burp with Jenkins

Hi, I'm using Burp suite pro version. Is it possible to automate the Burp scanning so that we can integrate with the build? Like we have automation testing scripts which we integrated with the build using CI tool...

Last updated: Oct 20, 2018 12:18AM UTC | 18 Agent replies | 29 Community replies | How do I?

Burp Suite is corrupt is always corrupted when I download the file.

I try two times download the *.sh file for linux https://portswigger.net/burp/communitydownload But always I download the file this happens gzip: sfx_archive.tar.gz: not in gzip format I am sorry, but the installer...

Last updated: Oct 17, 2018 04:01PM UTC | 1 Agent replies | 1 Community replies | How do I?

How to test External service interaction (DNS) & (HTTP) vulnerability ?

I got the vulnerabilities External service interaction (DNS) & External service interaction (HTTP) from burp scan. How can i test whether this is a false positive or not ? I have to add the POC in the report.

Last updated: Oct 17, 2018 05:30AM UTC | 1 Agent replies | 1 Community replies | How do I?

why my base response in scanner is incorrect

I have a POST request POST /request/<ID> which gives successful response(200 OK) for a unique id value. But if the same id value is used again, then we get 4XX series of response with an error stating ID already...

Last updated: Oct 16, 2018 12:43PM UTC | 1 Agent replies | 0 Community replies | How do I?

Identifying presence of mobile code (STIG assessment)

Is there a list/suite of signatures to check for the presence of mobile code?

Last updated: Oct 15, 2018 02:40PM UTC | 1 Agent replies | 0 Community replies | How do I?

Importing Certificates

When attempting to import a certificate and key in DER format the following message appears. "Failed to import certificate: java.security:InvalidKeyException: IO Exception: DERInputStream: getLength(): lengthtag = 127....

Last updated: Oct 15, 2018 02:07PM UTC | 4 Agent replies | 4 Community replies | How do I?

Interception Not Working.

Websites aren't loading and I am not receiving the request in the interceptions tab. URLs appear in the history, I have the settings set to default; I have no idea what's wrong, obviously.

Last updated: Oct 15, 2018 01:24PM UTC | 4 Agent replies | 3 Community replies | How do I?

Page 273 of 317

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image