Burp Suite User Forum

Login to post

How do I connect my target to my proxy

I dont know how to connect the target to the proxy so I can attack the target

Last updated: Jul 04, 2016 09:11AM UTC | 1 Agent replies | 0 Community replies | How do I?

Secure websocket requirements?

While googling around for information, I found a blurb for a search result stating "Burp Suite v1.5.21 released, with WebSockets support, new nested scan .... or HTTP Auth header is required for successful wss:// upgrade."...

Last updated: Jul 01, 2016 12:20PM UTC | 3 Agent replies | 2 Community replies | How do I?

Discover content using basic HTTP authentication

Hello I'm trying to use the discover content functionality on a web site that uses basic http authentication. I entered the credentials in the Platform Authentication screen. When I run the discover content, all I get is...

Last updated: Jun 28, 2016 10:05AM UTC | 2 Agent replies | 1 Community replies | How do I?

Scanning based on Index ID

Hi, Burp has list of vulnerabilities that are covered by scanner which are listed here https://portswigger.net/KnowledgeBase/Issues/ Each vulnerability has severity and Type Index mentioned. Is there a possibility...

Last updated: Jun 28, 2016 08:11AM UTC | 2 Agent replies | 1 Community replies | How do I?

Clear the Scan Queue and Site Map from API

Hi, With the introduction of Project files in Burp 1.7+, all the data is saved automatically including Target SiteMap and Scanner Scan Queue into Project files, which is very useful. However, these tend to grow over a...

Last updated: Jun 23, 2016 08:20AM UTC | 1 Agent replies | 0 Community replies | How do I?

Unable to connect to site after updating browser with BURP proxy

I'm using BURP on my project and have verified the proxy listener is up. However; in my office, I use a company proxy to access the internet. Once I update the browser with the BURP proxy, I'm unable to use the internet. Is...

Last updated: Jun 23, 2016 08:18AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Collaborator

What are the Hardware requirements for Burp Collaborator?

Last updated: Jun 22, 2016 04:32AM UTC | 2 Agent replies | 2 Community replies | How do I?

Don't quite get the meaning of "iterate all values of submit fields"

What does "Spider >> Options >> Form Submission >> Iterate all values of submit fields" do? I've read https://portswigger.net/burp/help/spider_options.html : "Many forms contain multiple SUBMIT elements, which result in...

Last updated: Jun 20, 2016 06:02PM UTC | 1 Agent replies | 1 Community replies | How do I?

"This Connection is Untrusted" message is showing

Everything is okay like download certificate in firefox and proxy/Network setting also done but i am unable to intercept with any site.I have also installed jre 1.7.0.My OS is 64 bit.I was doing my work properly with...

Last updated: Jun 20, 2016 10:08AM UTC | 1 Agent replies | 0 Community replies | How do I?

How to implement request in browser

Hi, is it possible to write an extension to have a "request in browser" like functionality? I would like to request in browser a specific request based in some conditions like a selected element or something...

Last updated: Jun 20, 2016 10:08AM UTC | 1 Agent replies | 0 Community replies | How do I?

CSRF Token

Hello, Custom parameter location in response but csrf not writing in response. Why not in the request? Because csrf parameter (_csrf_token=MXnHkkFn_GDk96WoRucoS26JJb4zAQA76jOhdeLG-Uc) in only request. Is it possible to...

Last updated: Jun 13, 2016 01:46PM UTC | 1 Agent replies | 0 Community replies | How do I?

Java Serialized + Zlib + gzip

I have this issue and I can't seem to solve it without writing an extension. The java thick client communicates with the server by doing the following on the data part of the HTTP POST request: Client: - Java...

Last updated: Jun 06, 2016 01:23PM UTC | 1 Agent replies | 1 Community replies | How do I?

Scaning Related

Hi! i`m very new user. I have been using burpsuite pro version since a few days. Can i scan web server using burpsuite? Thank you...

Last updated: Jun 06, 2016 12:10PM UTC | 1 Agent replies | 0 Community replies | How do I?

burpsuite_free_v1.7.03 Not allowed HTTPS

Hello Support I have issue with v1.7.03 I cant run HTTPS protocol Thanks

Last updated: Jun 02, 2016 08:55PM UTC | 2 Agent replies | 2 Community replies | How do I?

Collaborator DNS Functionality

Other than resolving 'A' type queries does the DNS server provide any additional DNS functionality. For example will it respond to the APNIC test for a lame delegation correctly? Or any other type of record lookup? Thanks

Last updated: Jun 02, 2016 07:59AM UTC | 1 Agent replies | 0 Community replies | How do I?

Confirming XSS high certain

Hi, Burp scanner is detecting an XSS (high certain) with the following GET request and response: Request: /CGI/…. &CategoryID=123"onload%3d"alert(1)"456&CategoryName=Retail HTTP/1.1 Response: <LINK...

Last updated: Jun 01, 2016 03:58PM UTC | 4 Agent replies | 3 Community replies | How do I?

Intruder question

Hi, I got some questions for Burp's intruder.. 1/ When performing a fuzzing attack, does burp wait for the actual response of a payload from the server before moving to the next payload? 2/ Can the fuzzing attack...

Last updated: May 31, 2016 05:08PM UTC | 1 Agent replies | 1 Community replies | How do I?

Filtering URLs with specific words

When a GET or POST request results in an error, the response URL will have the following wordings (and some other wordings depending upon the request made) "Could+not+create+url+for+page+path:+" (without "...

Last updated: May 31, 2016 10:17AM UTC | 1 Agent replies | 0 Community replies | How do I?

Scanning cloud-enabled application

Hello, We have a web application that is deployed as cloud-enabled application and using CDN. This can be accessed only by hostname and not using IP address. This hostname resolves to 3+ different IP address. Direct...

Last updated: May 31, 2016 10:15AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp - Intruder path traversal with list

Hi, I am using the Burp Suite Professional v1.7.02beta, and I was wondering if it possible to do a path traversal with the Intruder, especially with a list? In fact, I want to use the Payload Processing with a...

Last updated: May 26, 2016 08:52AM UTC | 1 Agent replies | 0 Community replies | How do I?

Page 277 of 291

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image