How do I? - Page 285 - Burp Suite User Forum

Unknown_ca error, missing detailw

Hello, I'm getting an unknown_ca error in the Event log. Sadly I can't find a way to know _which_ host is causing this issue. Is there any extra detail?

bypass business validation

in chrome there addon that can send a lot of request as same time, is there any way to do that in burp, the purpose is to bypass business validation, for example App must not allow to register more than one user by same ID...

SHA1 certificate signatures

It looks like up to about v1.6 SHA1 was used exclusively for certificates, then the switch to SHA256 happened. Is there a way to restore the old SHA1 behavior? This would be quite helpful for a current project. I looked...

Crawl

Hello tell me please if im setup a huge site to crawl with crawl limit 300 minutes, it scan first unauthenticated and tell me please after 300 min it stop the scan ? or it go to authenticated scan and after 300 min up it...

Error when using carbonator

I get below error when using carbonator Initiating Carbonator Against: http://day191-181101-sql-274h.qa /rest/connect/ burp.ysg@1d01dc2f Sending new URL to Vulnerability Scanner: URL # 1 Sending new URL to...

Install two burpsuite in the same linux box: Burp Pro and Free Ed

Dear all, Does anyone know, how to install two burpsuite package in the same linux box which are Burp Pro and Free Ed. The pro version I need in this box because I already had one license, while the Free Ed is used for my...

VPN Connection Application Configuring with Burp

Hi, I have a mobile test app which is only accessible over the VPN. I have connected my system and mobile over the VPN via Cisco Any connect .Even I am configuring the proxy (the system ip to my mobile wifi settings in...

Cross-site scripting (reflected)

Hi, I'm surveying my website now I see via Burp suite a message Cross-site scripting (reflected) HIGH on two files namely a css and a js file. My question is is it possible to open a reverse shell using these...

ffffffffffffffffssss

sfffffffffffffffffffffffffffffffff

Passive Scanning in Burp Suite Enterprise Edition

Hello, Is Passive Scanning offered in Burp Suite Enterprise Edition like it is present in Professional Edition? If yes, could you please help in letting me know about the configuration which would help ? Thank...

Android Virtual Device

Hi Team, I have created an Android virtual device using Android SDK Manager on my windows 7 system. I have installed an android application on that Virtual android device. Can anyone please let me know ho to intercept...

Is it possible to scan a mobile application using Burp Suite?

I'm using AppUse tool & emulator, Burp suite is already installed in it.

Proxy intercept TAB show content only from one site

Der all, I'm facing with a strange issue. I set the proxy in Chrome browser to head to Burp. I can see in the Proxy Tab -> HTTP history the URL I connect to but the Intercept Tab is always empty. the Intercept button is ON....

License

Please let me know a single user license key can work if i moved it to some different system as in i am facing issues with my current PC where i have installed the burp license and i want to change my system, so the same...

Failing Verify DNS Interaction

Hello, I have been attempting to set up a collaborator server in AWS. I have it set up for burp.example.com. The only way I can pass all of the health checks except: Verify DNS interaction Warning Verify HTTP...

modify position depend response burp

I have a mongo db injection: /? search = admin '&& this.password.match (/ ^ 5§§. * $ /)% 00 which is blind then I want that depending on the answer that I get in the intruder, for example: and /? search = admin '&&...

What are the security test mandatory for webservices (Rest API)

Hi I would like to know what are the security test mandatory for web services (Rest API). I would like to know list of security test to be run on the web service(Manual & automatic scan ) using Burp tool.

Optimal setup for using the scanner

Hi, I use QA automated testing scripts to run through the Burp proxy to record the traffic and get pretty good coverage of our app. Then once the automated test have completed, I run the scanner test. Because of the size...

No Websocket history

Hi, I have iOS device connected through Burp suite proxy. Bind to address: All intefaces. I can see everything in http history, but there is nothing in WebSocket history. And I'm quite sure I open Web socket connection...

Not all Traffic is being intercepted between client and server

Hello I’m working on a game called Marvel Contest of Champions. Basically I want to intercept all the packets and traffic between the client and server such as server request/client response for example: If you want to...