Burp Suite User Forum

Create new post

BurpSuite Enterprise - Agent does not use upstream proxy server

Hi everyone, I am currently evaluating Burp Enterprise. I installed all components on the same machine. On this machine I need to use a proxy to reach the Internet. This proxy listens on the loopback interface. I've...

Last updated: Oct 24, 2018 01:31PM UTC | 1 Agent replies | 1 Community replies | How do I?

SnipSegment

Dear Support Center, Now I`m using REST API to check a happend issue and its response and request. But the data we`ve got the following API command does not have the all response. curl -vgw "\n" -X GET...

Last updated: Oct 24, 2018 11:16AM UTC | 1 Agent replies | 0 Community replies | How do I?

Download zip files for further testing from an intruder attack

I am running an intruder attack where the response is a zip file. How can I save the zip files into a folder automatically so that I can do further custom testing using them? Thank you.

Last updated: Oct 22, 2018 07:20PM UTC | 1 Agent replies | 1 Community replies | How do I?

Cross-site scripting (DOM-based)

Hi, When I am doing an active scan on a website, I got an issue name Cross-site scripting (DOM-based) with Severity: High Confidence: Tentative Issue detail The application may be vulnerable to DOM-based...

Last updated: Oct 22, 2018 09:46AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp CA in System and Google Play Store still report No internet connection

Burp CA installed as trusted on the Android Nougat OS level rooted device, but Google Play Store still inform that there is "No internet connection. Make sure WiFi or cellular data is turned on, then try again". Other app...

Last updated: Oct 22, 2018 08:26AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp scan time duration

Hello Team, Is there any way to calculate the live scan time or duration, I mean how much time will take for the scan. please implement this in the scanner, that people get to know how much will take in the live scan

Last updated: Oct 22, 2018 05:03AM UTC | 1 Agent replies | 1 Community replies | How do I?

Integration of Burp with Jenkins

Hi, I'm using Burp suite pro version. Is it possible to automate the Burp scanning so that we can integrate with the build? Like we have automation testing scripts which we integrated with the build using CI tool...

Last updated: Oct 20, 2018 12:18AM UTC | 18 Agent replies | 29 Community replies | How do I?

Burp Suite is corrupt is always corrupted when I download the file.

I try two times download the *.sh file for linux https://portswigger.net/burp/communitydownload But always I download the file this happens gzip: sfx_archive.tar.gz: not in gzip format I am sorry, but the installer...

Last updated: Oct 17, 2018 04:01PM UTC | 1 Agent replies | 1 Community replies | How do I?

How to test External service interaction (DNS) & (HTTP) vulnerability ?

I got the vulnerabilities External service interaction (DNS) & External service interaction (HTTP) from burp scan. How can i test whether this is a false positive or not ? I have to add the POC in the report.

Last updated: Oct 17, 2018 05:30AM UTC | 1 Agent replies | 1 Community replies | How do I?

why my base response in scanner is incorrect

I have a POST request POST /request/<ID> which gives successful response(200 OK) for a unique id value. But if the same id value is used again, then we get 4XX series of response with an error stating ID already...

Last updated: Oct 16, 2018 12:43PM UTC | 1 Agent replies | 0 Community replies | How do I?

Identifying presence of mobile code (STIG assessment)

Is there a list/suite of signatures to check for the presence of mobile code?

Last updated: Oct 15, 2018 02:40PM UTC | 1 Agent replies | 0 Community replies | How do I?

Importing Certificates

When attempting to import a certificate and key in DER format the following message appears. "Failed to import certificate: java.security:InvalidKeyException: IO Exception: DERInputStream: getLength(): lengthtag = 127....

Last updated: Oct 15, 2018 02:07PM UTC | 4 Agent replies | 4 Community replies | How do I?

Interception Not Working.

Websites aren't loading and I am not receiving the request in the interceptions tab. URLs appear in the history, I have the settings set to default; I have no idea what's wrong, obviously.

Last updated: Oct 15, 2018 01:24PM UTC | 4 Agent replies | 3 Community replies | How do I?

1539392247666 Proxy [3] The client failed to negotiate an SSL connection to gateway-carry.icloud.co

Hello, I am trying to connect burp to my phone. I make proxy listener on all interfaces and on port 8080. I then go to my ios device and connect to that proxy. I open up anything and it says "1539392247666 Proxy [3] The...

Last updated: Oct 15, 2018 07:36AM UTC | 1 Agent replies | 0 Community replies | How do I?

what payload type I should use in intruder , if password pattern has characters that are known

I am trying to brute forcing a login page using the intruder , attack type cluster bomb , I have defined the payload set 1 for username , in payload set 2 I want to brute the password , noting that I know that the pass...

Last updated: Oct 15, 2018 07:18AM UTC | 1 Agent replies | 0 Community replies | How do I?

I can get response in browser but can't when go through Burp

I'm using Burp to find the real video file URL of a web page. I can play the video without any issue in the browser. However, when I set the browser to go through Burp, it simply didn't get the response and wait...

Last updated: Oct 15, 2018 07:10AM UTC | 1 Agent replies | 0 Community replies | How do I?

Second User

Hi. Is there a way to create a second user for logging in to https://portswigger.net/users/youraccount? Actually we only have edv@reval.com. Thanks

Last updated: Oct 14, 2018 01:45AM UTC | 2 Agent replies | 1 Community replies | How do I?

BurpSuite Enterprise - Agent Health Status: Ouf of Disk Space

Hi everybody, Agents (1.0.04beta) seem to require at least 5GB free space in /tmp. That's what enterpriseAgent.log tells me: 2018-10-12 11:01:50 WARN n.p.enterprise.common.health.e - HealthCheckResult{type=10001,...

Last updated: Oct 12, 2018 09:53AM UTC | 1 Agent replies | 0 Community replies | How do I?

Automate Burpe with login Credentials

Hello All, I have two different websites I currently manually scan, both of them require me logging in to scan and spider. I was looking to automate my process with Carbonator but it doesn't seem to have a way for me to...

Last updated: Oct 12, 2018 09:12AM UTC | 2 Agent replies | 0 Community replies | How do I?

Network Traffic Control

Hi Support Center Members, We want to control the Network traffic(is caused by Burp) while we are conducting the "Scanner." Is there any function to control the Network traffic or use case(outside the function)? And...

Last updated: Oct 12, 2018 08:58AM UTC | 1 Agent replies | 0 Community replies | How do I?

Page 277 of 320

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image