Burp Suite User Forum

Create new post

Burp Collaborator question

Hello, I hold a licence for Burp PRO and have a question about Burp Collaborator. A few days ago I ran some active scans against an application (some scans were run against a "request support/add ticket" kind of...

Last updated: Oct 03, 2018 04:58PM UTC | 2 Agent replies | 3 Community replies | How do I?

Static Application Security Testing

Our team has been discussion implementing SAST for our PHP code to help identify issues earlier in the development cycle. Would please provide a "How To", diagram, helpful hints etc on how we would accomplish this task? ...

Last updated: Oct 02, 2018 09:24AM UTC | 1 Agent replies | 0 Community replies | How do I?

How to intercept info comming threw the command prompt window, not http?

Hi, I am running an x-client on my pc and want to use Burp to intercept the info for a Cluster bomb attack. I can set up Burp to intercept data from a website but how do I set it up to intercept data that just runs in a CMD...

Last updated: Oct 02, 2018 09:21AM UTC | 2 Agent replies | 1 Community replies | How do I?

base64

Hi, I want to use Intruder to fuzz param1 and param2 in a base64 encoded payload: Intercepted POST request body: data=cGFyYW0xPTEyMzsgcGFyYW0yPTQ1Ng== Decoding "data": param1=123; param2=456 I figured out...

Last updated: Oct 01, 2018 12:48PM UTC | 2 Agent replies | 1 Community replies | How do I?

Crawler throttle options

Hello, The old spider engine has throttle between requests options but I cannot find them with the beta version Crawler?

Last updated: Oct 01, 2018 07:23AM UTC | 1 Agent replies | 0 Community replies | How do I?

Reporting on the evaluation version Burp Suite Enterprise Edition

I'm current evaluating Burp Suite Enterprise Edition Version: 1.0.03beta-804 and I managed to perform the scan and see the results however I cannot find any reporting option. Is this available on the evaluation version?

Last updated: Sep 27, 2018 12:57PM UTC | 2 Agent replies | 0 Community replies | How do I?

How do i delete the host from site map?

I want to delete host from site map using REST API/Burp Extender. How to achieve this?

Last updated: Sep 27, 2018 10:57AM UTC | 1 Agent replies | 0 Community replies | How do I?

Reuse the URLs captured using intercept on one host to run active scan on other host

Hi, I need to run active scans against a set of URLs on multiple hosts (of same application with minor application version differences, however, these URLs under test do not differ.) Is there a way that I can reuse the...

Last updated: Sep 26, 2018 12:36PM UTC | 2 Agent replies | 2 Community replies | How do I?

create payload rule to reject or bypass payloads with duplicate characters

for example: I don't want burpsuite to try passwords like these: egraaaaa hidbbbbb hfkkkkkka ewsaaaas any word with duplicate letters more than 4 characters should be skipped. please help .

Last updated: Sep 25, 2018 08:22AM UTC | 1 Agent replies | 0 Community replies | How do I?

Need help with new Burp REST API

How to initiate a scan with burp REST API for "Audit Selected Items". Now its allowing us to crawl and audit a site, but we need to audit specific items with payloads. Please help.

Last updated: Sep 25, 2018 08:13AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp 2 send base request

I'm really excited about the REST API possibilities in BURP 2. This is a good start in using BURP in automation scenarios. What I really need now is to send an url to the /scan endpoint including a base request. It seems...

Last updated: Sep 21, 2018 02:56PM UTC | 1 Agent replies | 0 Community replies | How do I?

Colorizing Repeater tabs

Hi, would it be possible to colorize Repeater tabs? I just noticed a very nice colorization highlight in Proxy Intercepter (Burp 2), and it would be great to have the same for Repeater tabs:) Thanks

Last updated: Sep 21, 2018 09:04AM UTC | 1 Agent replies | 0 Community replies | How do I?

Could not intercept mobile application which is hosted behind cloudflare

I am trying hard to intercept one particular mobile application traffic which is hosted in Cloudflare. For other mobile application and mobile browser, it works fine. I have done proper burp certificate installation and...

Last updated: Sep 19, 2018 07:22AM UTC | 3 Agent replies | 3 Community replies | How do I?

Burp Suite certificate

Hi, i have installed the burp Suite Professional version and i want to perform a security test on a web application using Firefox as browser. This web application is actually using https so i got this...

Last updated: Sep 19, 2018 06:57AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp with Jenkin

When I am trying to integrate my burp with Jenkins by Carbonator extension. I am using Pro license version . I have followed this https://www.we45.com/blog/automating-burp-with-jenkins link to make my burp work with...

Last updated: Sep 18, 2018 01:36PM UTC | 3 Agent replies | 2 Community replies | How do I?

View Reports in Web Page

I am trying to view a saved HTML report from my Burp Scanner however no matter what browser I use to open the saved html file all I see is the code not the web page. Please advise.

Last updated: Sep 17, 2018 02:32PM UTC | 2 Agent replies | 1 Community replies | How do I?

How to remove duplicates in target

Hi ! I would like to know if there is a way to get all the request possible for a website but without duplicates ? Because there is a lot of request that request the same url and parameters and It's time consuming to look...

Last updated: Sep 17, 2018 02:02PM UTC | 1 Agent replies | 0 Community replies | How do I?

I can't see requests and responses body.

Hello, I can intercept them and see the headers, but I can't see requests and responses body after buying and installing Burp Suite Pro. I tried generating new Cert, updating, and reinstalling to older version Burp...

Last updated: Sep 17, 2018 08:27AM UTC | 1 Agent replies | 0 Community replies | How do I?

websockets requests are not appearing in target of burp suite

i need to perform a security scan on a project which is developed using vaddin framework and internally supports web socket no http or https. how do i perform the scan please help ,its urgent

Last updated: Sep 14, 2018 10:48AM UTC | 2 Agent replies | 1 Community replies | How do I?

How to install a professional burpesuite

I am not able to install professional burpesuite. Please help me on this

Last updated: Sep 13, 2018 03:57PM UTC | 2 Agent replies | 1 Community replies | How do I?

Page 285 of 327

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image