Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Scan Targets behind CAS

Hi, I want to run the scanner on a target that is behind CAS. How do I setup authentication for this scenario? Thank you Anup

Last updated: Jun 20, 2019 09:42AM UTC | 1 Agent replies | 0 Community replies | How do I?

Make subdomain bruteforce

Hi! How i can bruteforce subdomains with burp suite?

Last updated: Jun 19, 2019 12:25PM UTC | 0 Agent replies | 1 Community replies | How do I?

Replace expired access token in scanner request headers with the valid access token all at once

Hi Background : I am trying to scan our website using Burp scanner. I am able to configure session handling rules...

Last updated: Jun 19, 2019 09:19AM UTC | 1 Agent replies | 0 Community replies | How do I?

I can't see a POST Requet in Proxy Intercept menu but it is in the HTTP history menu

I should find out a specific POST REQUEST in Proxy Intercept menu.. I couldn't find this in the menu but it was in HTTP HISTORY menu.. How can I find this in intercept menu..?

Last updated: Jun 18, 2019 07:26AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp collaborator server domain

hello, I have a looked at the documentation but could'nt find any reference. What is the domain name of the collaborator server that burp checks the interactions (when I click poll button)? I need to take a firewall...

Last updated: Jun 18, 2019 07:25AM UTC | 1 Agent replies | 1 Community replies | How do I?

asterisk platform authentication

hi, I need to put entry in platform authentication (user options-connections) for some domains. When I use a.foo.com, burp still asks another entry for b.foo.com. I want to use one entry for all *.foo.com. * doesn't seem...

Last updated: Jun 18, 2019 07:09AM UTC | 2 Agent replies | 1 Community replies | How do I?

Burp Scan plugin Post Build Actions Report

Hello, We are using 'Burp Scan' plugin to integrate the Burp Enterprise with Jenkins. In the 'Post-build Actions' we are not able to find any options that would show the execution report that we can share with stake...

Last updated: Jun 17, 2019 12:20PM UTC | 1 Agent replies | 0 Community replies | How do I?

How to create a tab like the proxy tab

Hello, i would like to create a tab similar to the "Proxy" one where I can have "intercept on/off" and to forward or drop a package but to only capture communication between specific domains. How would i start something...

Last updated: Jun 17, 2019 09:51AM UTC | 2 Agent replies | 1 Community replies | How do I?

See the crawled URLs in Burp enterprise

Hi, we just set up a scan for one of our projects which was running for about 6 hours. But we did not find any output or finding which seems a bit unlikely due ot the number of requests issued (several thousand) To verify...

Last updated: Jun 17, 2019 09:09AM UTC | 3 Agent replies | 2 Community replies | How do I?

Session Handling with 2 CSRF Tokens

Hi I am trying to create a session handling rule for the request having 2 CSRF Tokens. My GET Request has 2 parameters of CSRF Tokens in the response. I am extracting those while creating my macro. but it is still now...

Last updated: Jun 17, 2019 08:17AM UTC | 2 Agent replies | 1 Community replies | How do I?

Carreras de caballlos

Hola ok

Last updated: Jun 16, 2019 12:57AM UTC | 0 Agent replies | 0 Community replies | How do I?

Carreras de caballlos

Hola ok

Last updated: Jun 16, 2019 12:55AM UTC | 0 Agent replies | 0 Community replies | How do I?

unable to get a request from webgoat to burp suite

i have installed weboat which is running on port 8080. i have installed burp suite . changes proxy settings 127.0.0. 1: 8089 i have changed the proxy settings in chrome to 127.0.0. 1: 8089. I am able to get other requests...

Last updated: Jun 14, 2019 09:23AM UTC | 1 Agent replies | 0 Community replies | How do I?

Is it possible to have different severities in issues with the same name / type ?

Hi team. I was working on the Dradis burp add-on, I wanted to know if when parsing a burp xml file, is it possible for 2 <issue> elements with the same <name> and <type> to have a different <severity> value. Like...

Last updated: Jun 13, 2019 01:56PM UTC | 1 Agent replies | 0 Community replies | How do I?

SSO with microsoftonline.com

I see an SSO mechanism relying on enterprise Office.com integration. A GET with (expired or logged out) Office and local app cookies to a local app's __LOCAL_SITE__/__LOCAL_PATH__ gets a 302 redirect to...

Last updated: Jun 11, 2019 02:26PM UTC | 1 Agent replies | 1 Community replies | How do I?

scanner active testing url path

hello, how can I use burp suite to perform the following check: I have a list of URLs: 1 http://www.dominio.com/public1/public2/index.html 2 http://www.dominio.com/otro1/sid2/pagina.html 3...

Last updated: Jun 11, 2019 01:25PM UTC | 1 Agent replies | 0 Community replies | How do I?

Depicting OpenID flow using a message sequence chart

Dear Burp, as part of a research group we are investigating possible ways of visualizing the OpenID communication from a tool we developed. It was suggested for this purpose to use BURP for its proxy capabilities and the...

Last updated: Jun 10, 2019 03:51PM UTC | 1 Agent replies | 0 Community replies | How do I?

DOM-based XSS

Hey, I've got an dynamic analysis from one of request intercepted thru burp proxy: "Data is read from input.value and passed to jQuery. The source element has name form_type. The following value was injected into the...

Last updated: Jun 10, 2019 10:01AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Suite Anti-CSRF POST

I am trying to run intruder on an app that employs anti-CSRF tokens within forms. Each form has a unique token that must be submitted with a POST request otherwise the session is invalidated. The process is as...

Last updated: Jun 10, 2019 09:38AM UTC | 2 Agent replies | 1 Community replies | How do I?

Scan Configurations JSON : Enterprise

I am trying to figure out the API for CI/CD of automating Burp. We have Enterprise Edition, and I can not find the "Configuration Library" or any other place to create a custom configfuration (so that I can see the JSON for...

Last updated: Jun 10, 2019 09:14AM UTC | 1 Agent replies | 0 Community replies | How do I?

272 273
274
275 276

Page 274 of 332

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image