How do I? - Page 298 - Burp Suite User Forum

Get my license key

How do I get my license key

How to use burpsuite with IE automatic configuration script option

Hi, I could not able to configure burp suite with browsers. If I use manual connection settings in browsers,I could not load any site.Because my company need to use : Internet Explorer -> Option -> Connection -> LAN...

Intercept requests made from excel

I am clicking a link in a excel cell. Tell me if i can intercept thst using Burp. I have a Burp Prof license

Can we Test ThickClient build using C++ running on TCP Protocol

Hi, We are pen-testing Thick-client application developed in C++ running on TCP protocol using Winsock controls. I have tried changing the following >> Under proxy tab modified Options...

Encountered a trouble when setting https proxy in os x 10.10 for firefox

I've read this aritcle(http://portswigger.net/burp/help/proxy_options_installingCAcert.html) and followed the instructions of the firefox section. But when I browsed twitter, it told me: "Unable to Connect...

Received fatal alert: bad_record_mac

When https request is proxied via burp, bad_record_mac error is shown in Firefox. Alerts tab in burp shows - javax.net.ssl.SSLException: Received fatal alert: bad_record_mac

Usage of ssl certificates

Hi, i have an address that is a restful service that requires an SSL cert inorder to access it the address starts as: https://certapi.t6.lmuk.local/ Please note: -This is an internal address the available to external...

Invalid client request received: Dropped request looping back to same Proxy listener

Getting the above error when trying to connect to WebGoat using port 8080 on my local host through Firefox. I've set up the Firefox proxy for localhost port 8080 and the same on Burp. Saw another post with the same...

Set one cookie equal to another in intruder

I have a situation where a cookie is set in Javascript so it's not coming up under the "set cookie" header for handling in macro's. For this post I'll refer to this cookie as "window". No problem - I know the value is always...

How do I troubleshoot "failed to connect" messages?

So, I load up Burp Pro, restore defaults (latest versions of burp and JRE), enable the proxy and then in Chrome, with FoxyProxy browse to the site I want to scan/spider. I add said site to scope, and then start spidering....

MDSEC labs

Anyone doing the labs from the hacker's handbook? Any possible way someone knows where you can find the answers to the practical labs? Im stucks on a couple of them and would be nice if someone can answer on how it is...

get the count (number of pages ) spider crawled

How can i get the number of pages crawled by the spider

not received mail

i was buy burp pro but not received mail confirm please my email is securemail@naver.com

Burp Updates

Normally Burp software indicates when you release a new version. However, since the beginning of the year, I haven't had any alert of a new version. Is there something to configure? Thanks and best regards, Rachel

How do I replace the content of a whole file?

Hi, a web app I am testing is requesting jar files from a web server. I want to replace the jar file the server sends back with a modified version. I can of course intercept the response and manually replace the response...

java.net.socket Exception when configuring intruder through Burp Extender API

I am sending multiple HTTP req to intruder with positions marked using sendToIntruder() method in burp Extender API but when I click Launch attack I get java.net.socket in the alerts Tab and no status as 200/400 is coming...

How to auto load payloads for all intruder attack at one time through Burp Extender API

I have a payload file with 25 payloads. Can anybody help in sorting out how to auto load payloads through API. IIntruderPayload Generator generates only exetension payload which i need to again manually select from...

macro to replace part of URL

Hi, I need to test a request similar to /something/<a_different_ID_per_request>/ and need to fetch an valid ID prior to that request. Because the ID is a REST parameter I cannot simply do a macro + session handling rule...

How do I generate a report after scanning without issue found

Dear Support, We have purchased a Burp Suite pro. I used its vulnerability scaner to scan our web server. I could not generate report when no issue found after scanning. I need it to show our management as a proof. Can...

How Do I Supply A Preconstructed Target Site List?

The BURP documentation says that I should turn the proxy on and then do a bunch of work on my Web app in order to build a list of URLs to put in the Target Site list. I do this and it works fine. I'm concerned, however, that...