Burp Suite User Forum

Create new post

burp suite not capturing HTTPS in proxy

Hi, i followed all the setting ,and infact able to capture the request in proxy using other tool and i dont know why am not able to capture https request in proxy setting through burp suite. in proxy setting its endlessly...

Last updated: Feb 16, 2018 09:59AM UTC | 1 Agent replies | 0 Community replies | How do I?

Server configurations requirement for Burp suite Pro

Hi Team, We would like to use Burp suite Pro to run the source code scan for web application. But we are not sure to calculate how much size of hard disk is required to run VA / PT and RAM requirement and OS requirements....

Last updated: Feb 14, 2018 01:34PM UTC | 1 Agent replies | 0 Community replies | How do I?

Merge multiple servers' target info into one server/group

Hi, I'm running automation scripts against 5 different servers. All five servers are virtual machines that are clones of each other and have the exact same version of our software under test on them. When I run my...

Last updated: Feb 13, 2018 08:24AM UTC | 4 Agent replies | 3 Community replies | How do I?

Is their restrictions on testing Video upload with Generate CRSF PoC ?

I am using the Generate CRSF PoC to test the CSRF vulnerabilities of my site. But the Submit Request button seems to be disabled or inactive when I create a HTML to retest the upload of a video to my site? Is their...

Last updated: Feb 12, 2018 01:56PM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Suite Proxy will not intercept the site after Intercept mode is on

Even when intercept is turned on, burp suite does not intercept the request. I am able to see the HTTP request made under HTTP history and do an active scan but the status in scan queue gets stuck at 0% complete. Please...

Last updated: Feb 09, 2018 04:55PM UTC | 1 Agent replies | 0 Community replies | How do I?

How to resolve error code sec_error_unknown_issuer

How to resolve error code sec_error_unknown_issuer? Why this error occured ? I am using mozilla as well as chrome. Its not working on any of those.

Last updated: Feb 09, 2018 09:50AM UTC | 3 Agent replies | 2 Community replies | How do I?

Start Active Scan through Extension

I'm trying to write an extension that starts an Active Scan of a spider crawled URL. Is this possible? I tried calling the doActiveScan method in registerExtenderCallbacks method but it doesn't seem start Active Scan. In...

Last updated: Feb 09, 2018 01:19AM UTC | 2 Agent replies | 2 Community replies | How do I?

certificate pinning issue

Hi, We are testing an application which has certificate pinning, but the debug version includes the fingerprint of the charles server of the dev team. We have received this certificate in pfx format, can import into burp...

Last updated: Feb 07, 2018 03:55PM UTC | 3 Agent replies | 2 Community replies | How do I?

Penetration tests on standalone app using Burp

Hi , I am required to perform active PEN tests on standalone app using Burp. Need info on how to intercept the requests.. Can you please guide me on this ? Rds, Garry

Last updated: Feb 07, 2018 09:07AM UTC | 1 Agent replies | 0 Community replies | How do I?

Automate the scanning process with multiple or all types of known attacks over my web application

Automate the scanning process with multiple or all types of known attacks over my web application. Currently when I run the scanner and attack, only the server config issues are listed in reports and the individual...

Last updated: Feb 06, 2018 04:14PM UTC | 1 Agent replies | 0 Community replies | How do I?

Connection reset error or 502 bad gateway

I frequently get connection reset error or 502 Bad gateway error while i crawl through a website whereas the initial requests are 200. All the settings and certificates are in place. Not sure on what other settings to make? ...

Last updated: Feb 06, 2018 01:30PM UTC | 1 Agent replies | 0 Community replies | How do I?

http://burp doesn't show download CertificateCA

Hi, I had already follow instruction to configure my browser with burp proxy (127.0.0.1:8080) I had already active burp and make sure the proxy is on (Checked) (127.0.0.1:8080) But when i access http://burp to download...

Last updated: Feb 05, 2018 08:20AM UTC | 1 Agent replies | 0 Community replies | How do I?

Create a simple Burp Extension to save scrolled URLs to a txt file

Hi, I'm trying to learn how to create a burp extension. As a first step I'm trying to create an extension to save scrolled URLs to a text file. Is there any guide can I use. Thanks.

Last updated: Feb 05, 2018 08:18AM UTC | 1 Agent replies | 0 Community replies | How do I?

Cross-site scripting (DOM-based)

Burp has created two different tentative DOM XSS issues with this description: "The application may be vulnerable to DOM-based cross-site scripting. Data is read from location and passed to $() via the following...

Last updated: Jan 30, 2018 07:42AM UTC | 2 Agent replies | 1 Community replies | How do I?

Locked due to many failed login attempts as soon as i scan my application

Issue 1: My application(https://test2.tstraining.com/) is getting locked due to many failed login attempts as soon as i scan my application. Am i sending bunch other invalid passwords ?? I see below article. I don't...

Last updated: Jan 25, 2018 10:59AM UTC | 1 Agent replies | 0 Community replies | How do I?

Viewing Issues

After running a scan using Community Version v1.7.30 in free mode, I do not see a the Issues tab under Target >> Site Map. After looking at posted screenshots, I see a set of tabs above the Request | Response tabs. I do not...

Last updated: Jan 23, 2018 04:19PM UTC | 1 Agent replies | 0 Community replies | How do I?

Support

How to remove repeating same letters when brute forcing. Like the program won't make passwords llike aaaaaa or bbcghe because the letters repeat.

Last updated: Jan 22, 2018 04:12PM UTC | 1 Agent replies | 0 Community replies | How do I?

Support

How to remove repeating same letters when brute forcing. Like the program won't make passwords llike aaaaaa or bbcghe because the letters repeat.

Last updated: Jan 22, 2018 03:31PM UTC | 0 Agent replies | 0 Community replies | How do I?

Remote host connection closed during handshake

Hi , Burp is not intercepting traffic when I am accessing app via company n/w with proxy However, when I am connected to my home n/w ( no proxy) I am able to intercept in Burp. Can you please advise...

Last updated: Jan 22, 2018 11:38AM UTC | 3 Agent replies | 3 Community replies | How do I?

Expression Language Injection Syntax

I'm trying to improve my understanding of expression language (EL) injections. The following injections were created by Burp...

Last updated: Jan 19, 2018 04:18PM UTC | 3 Agent replies | 1 Community replies | How do I?

Page 282 of 314

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image