Burp Suite User Forum
For support requests, go to the Support Centre. To discuss with other Burp users, head to our Discord page.
How do i bypass recaptcha on website login/signup page at the time of making intruder attack?
I would like to know how Burp Suite performs the capture of the http request and how it is modified and how it is sent back to the destination server with the POST method. And I would also like to know if that attack can...
Hi. I am trying to use burp suite for testing on a site but the site has a captcha and not sure how I can make burp suite bypass it ? The captcha is a image with 4 digits. I assume every time the page is loaded it changes...
Hii...I have tomcat server running which has vulnerable websites for the purpose of learning how to hack them..I have installed burp suite and now it is intercepting the requests but not forwarding the requests to tomcat...
I created a burp extension in python that scans from a list of URLs and generates a report after it is done. I'm not able to find a method in the API that allows me to clear all reported issues. Is this possible? If so it...
I'm testing a fat client application that passes all its traffic through SSL, WCF binary encoded. It also looks like it is being compressed (Content-Type: x-deflate) which adds another level of PiTA. I'm using the "WCF...
I was wondering about the size in the length column (in proxy http history),it has been said in the documentation that the length refer to the response length but it dose not seems like this, for example I have length is...
Hi - I'm attempting a non-authenticated point and click scan of our SaaS application. There are over 1,300 items, many of which are 404.aspx and the help system. Why is it so slow? When I started it 12 hours ago, it seemed...
Im trying to use Burp to access my base64 protected site to see if it is possible, however I am having a problem learning about where positions should be tagged at in a base64 string. User-Agent: Mozilla/5.0 (Windows NT...
I am running an instance of BURP Pro (v1.7.32) with both Passive and Active scanning enabled. When I run a Target Analysis and review what parameters were identified no of the password parameters were identified. Which...
Burp scanner reports that on the text/javascript content type, XSS is possible with Severity: High, Confidence: Certain but I didn't find a way to prove it with a PoC. All modern browsers behave text/javascript files not as...
Hi, We have extensively done browsing to record as most URLs as possible for a particular website, and tested that version, which resides in: www.mydomain.com/uat/application. Now we've moved the same website to...
Burp tool is manipulating my http origin and referrer header. Please provide a way around to disable that
What about applications which is having JWT as authentication, Session expires quickly in that, How to handle that ?
Hi I have added server ip and port being used in firefox proxy settings as well as in Burp Proxy settings, but I am unable to access server in browser. Each time I try to open server page, it open up the Burp Suite...
Hello, Can I use Burp Suite Community Edition in my compagny or I must purchase de Professionnal Edition ? Thanks in advance for your reply. Regards,
I configured my burp suite by default port (127.0.0.1:8080). I'm running Firefox 48, Java 8_101 (Both Latest versions) CA certificate is already installed. The problem is: When I use SOCKS proxy in User...
Hello, I would like to replace two different values in a SOAP request by the result of a local python script and thus for all SOAP requests that Burp proceeds (intruder, scanner...). Should I develop my own extension? If...
I don't think, there is a way we can get the status of Spider tool thru API. Is this something that can be done in future updates?
HI, Just wondering has anyone any security experience of testing iPad applications which use VPN Tunnel functionality on an iPad? What should I check? how I can intercept traffic using the VPN? Im looking to test to see...
Page 296 of 330
Your source for help and advice on all things Burp-related.