How do I? - Page 280 - Burp Suite User Forum

Burp Enterprise: Set Folder Destination in API Request

Hi, I wanna create a scan using the REST API and add it to a certain directory in the Burp Enterprise web server. How would I go about doing this? Cheers,

How Do I proxy through Burp while using a VPN

Hi, I am using a vpn service from VPNIPSTATIC as I required a static IP to test a website. I am unable to proxy through Burp even when I have changed the proxy settings in my browser. I am able to proxy using mozilla...

Reference for issue details

The issue details, specifically IScanIssue.getIssueDetail(), allow "[a] limited set of HTML tags": <br> is interpreted as newline and <table>s are formatted correctly. But there is no CSS, <font color=green> does not work,...

How do I configure python to proxy through BurpSuite for https?

I have BurpSuite configured as a proxy. I have generated and installed a certificate for Burp in my Mac's keychain. On a Kali box I have also configured Iceweasel to proxy through my Burp Proxy running on my Mac. I can can...

Pausing Scanner on Condition

I was wondering if it was possible to pause the scanner given a certain condition being hit. Basically, if my session is deauthed I want scanner to stop. Is this possible?

Burpsuite Enterprise: Crawling and scoping

Is there any documentation on how crawling/scoping works in Burpsuite Enterprise? We've tried all of the crawl scan configurations along with varying combinations of "Add all links to site map" and/or "Add reqested items...

Restrict Sites on Burp Enterprise API

We'd like to restrict the sites users can run scans against in Burp Enterprise, and I've configured Groups with site restrictions and have added the sites in folders on the site tree. So basically looks like Group 1...

Burp does support firefox version 65.0.1

I am start using burp with firefox version 47 in windows but when i shifted to parrot os. There was already installed firefox 65.0.1 burp is not working there it showed one thing only SSL connection not work. I used every...

Garbled text at end of proxy intercept - no username/pass

Hi, running a proxy on 127.0.0.1 as suggested, I'm getting: POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0 Accept:...

can load HTTPS. but not intercept ?

Hello, today i tried to test Burp suite on my website, which is HTTPS. i've configured the proxy and downloaded the CA. i can load the HTTPS website but i get 0 data from it. HTTP websites works great. but not HTTPS. as i...

Firewall scan in Burpsuit

Hello, Can we run firewall scan in Burp suit using with IP address? If yes please let me know the procedure. Thank you

DOM XSS - How to actually inject the source ?

Hello, so, I am struggeling to understand something and I cannot find an answer. If anybody could help me I would be very appreciative. A dynamic analysis of a JS code rendered this Data is read from input.value...

Payment deducted but not received any email for burp licence

Hi, The payment of $400 has been deducted from my account yesterday from my credit card but still, I haven't received any email with the details of software license. Can you please guide me on the next steps? I wanted...

How do i POC of XEE (XML external entity ) and Insecure Deserialization vulnerability

Burp Enterprise Issues

Team, Looks like Burp enterprise does not seem to be crawling appropriately. Despite providing credentials, it is performing unauthenticated scanning and does not seem to crawl beyond login page. Does burp enterprise...

how can I change the response to endpoint with extensions API.

This as data flows as far as I know. [Request] Endpoint(such as browser) > burp > processProxyMessage with messageIsRequest==true > processHttpMessage with messageIsRequest==true >...

How do I get burpsuite to intercept my curl -X GET requests that I am launching from command line

I am penetration testing, I am exploiting (this is all on a college set up environment, nothing is really but hosted on a VPN) an API that connects with a database to receive data and spit it back out. I am doing these...

Remove obsolete scan config in Burp Enterprise

All our projects have a limited time scope, so there project specific configs such as authentication will get obsolete sonner or later. How can I delete an obsolete project specific scan configuration from Burp Enterprise?

.bazar domain

How do i intercept domain .bazar Thanks

Unable to access our site on https

Hi, I have downloaded the Burp Free edition and trying to test a web application running on https. When I configured Burp Proxy, my Chrome is denying to connect to the site showing a certificate error. I tried...