Burp Suite User Forum

Create new post

[Burp Pro] Programmatically create Responses

I am trying to figure out a way of intercepting every request Burp Suite is issuing from all its tools. But i do not want these requests to be actually sent over the net. Instead, i want to create a fake response immediately...

Last updated: Apr 04, 2016 10:48AM UTC | 1 Agent replies | 0 Community replies | How do I?

Joshuael

<a href=http://bimatoprostophthalmicsolution003generic.com>bimatoprostophthalmicsolution003generic.net </a>

Last updated: Apr 04, 2016 09:48AM UTC | 0 Agent replies | 0 Community replies | How do I?

How do I collect all HTTP request from HTTP history and identify as GET/PUT/POST using extender API?

I need to collect all requests from HTTP history tab which is under proxy tab and need to identify it whether it is PUT or POST or GET and classify it as xml or html or js? I don't want to use menuItemClicked interface,...

Last updated: Mar 30, 2016 07:59AM UTC | 1 Agent replies | 0 Community replies | How do I?

Put IParameter list into request body as XML

Hi! I am writing an extension, and I'm trying to insert a List<IParameter> back into the body of a request as XML, after I have modified a parameter in this list. What would be the easiest way to go about doing this? I...

Last updated: Mar 30, 2016 07:58AM UTC | 1 Agent replies | 0 Community replies | How do I?

How Do I figure out if the installed Burp is free or professional version

I have Burp installed on my system. Kindly advise how to know if its the free or the professional version. The "about" in "help" is not listing anything except the website url. Also how to upgrade from free to professional...

Last updated: Mar 23, 2016 03:46PM UTC | 1 Agent replies | 0 Community replies | How do I?

Regarding settings to be done for get list of tests executed by Burp.

Hi, When I run Burp suite against the application, what settings has to be done to get /view : List of tests ran List of tests failed Failed Tests Name Logs

Last updated: Mar 18, 2016 08:51AM UTC | 1 Agent replies | 0 Community replies | How do I?

Collaborator Server Retention

How long does a collaborator server (public one or private one) store (in memory) vulnerable application interactions, assuming burp scanner never polls for the interactions?

Last updated: Mar 12, 2016 03:11PM UTC | 1 Agent replies | 0 Community replies | How do I?

Python Code Injection Vulnerability Validation

I used Burp Suite Pro to scan a site. It identified Python Code Injection on a page. The scanner added a cookie to sleep. I used Burp Proxy to add cookie and got the same result. When I used other proxy tools: Web...

Last updated: Mar 10, 2016 11:21AM UTC | 1 Agent replies | 0 Community replies | How do I?

Hello. i want to make hmac header.

Some web sites are require hmac header. hmac value is madden using specific algorithom(mix url, parameter and random value when login given) how can i HTTP request with change parameter.?

Last updated: Mar 10, 2016 10:30AM UTC | 1 Agent replies | 0 Community replies | How do I?

Send the Scanner through the Proxy

Is it possible to show all the requests the scanner makes through the proxy tab?

Last updated: Mar 08, 2016 06:24PM UTC | 1 Agent replies | 0 Community replies | How do I?

Intruder payload.

I am wondering I have loaded some payloads in example "/examples /examples/jsp/index.html /examples/jsp/snp/snoop.jsp" Lets say my URL is http://localhost.com/test/AnotherTest/test.php I have tried both with...

Last updated: Mar 08, 2016 05:00PM UTC | 1 Agent replies | 2 Community replies | How do I?

native/hybrid apps for mobile

does Burp suite supports native/hybrid mobile apps for security Testing? if yes , please provide me clear information where to refer? Regards Ravi

Last updated: Mar 08, 2016 09:19AM UTC | 1 Agent replies | 0 Community replies | How do I?

SSL certificate issue

How can I prevent my scans from reporting an SSL certificate issue Severity: Medium Confidence: Certain Host: https://localhost:44300 Path: / "The server's certificate is not trusted" Issued to: localhost Issued by:...

Last updated: Mar 04, 2016 12:42PM UTC | 3 Agent replies | 2 Community replies | How do I?

handshake_failure

I'm running burp v1.6.36 and using a client ssl certificate to authenticate to secure web pages. I am receiving the error handshake_failure when attempting to access and sites that require the client cert. I am using java...

Last updated: Mar 03, 2016 05:58PM UTC | 1 Agent replies | 1 Community replies | How do I?

Finding XSS

Hello , In most of the scans using Burp for XSS , I can see only HTTP 302 responses for the different XSS payloads, is there a best way to find XSS using Burp for more complex application.

Last updated: Mar 02, 2016 06:51AM UTC | 6 Agent replies | 5 Community replies | How do I?

Invalid client request received: Failed to parse first line of request.

Hi, I received the message "Invalid client request received: Failed to parse first line of request." and "Unknown host: null" in the alert tab when I use SOCKS proxy. All the requests can't go through. If I uncheck the...

Last updated: Mar 01, 2016 10:21AM UTC | 1 Agent replies | 0 Community replies | How do I?

Scan of Oracle 12c E-Business Suite Application Consumes all Database Processe within a few minutes

Old database processes are not released and remain in the system for an hour or more forcing a database re-start. Number of database processes at 1.2K. Is this a Burp thing (i.e. is there a Burp Prof setting to prevent...

Last updated: Feb 26, 2016 09:08AM UTC | 1 Agent replies | 0 Community replies | How do I?

http history missing in-scope items.

I have my scope set in the Target tab, has about 10 web sites listed then all of their items with in them. When I goto Proxy->HTTP history I do not see all of my listings from Target in there. I am missing a few web sites as...

Last updated: Feb 25, 2016 11:10AM UTC | 1 Agent replies | 0 Community replies | How do I?

The input file is not in correct format

I selected "save state" in Burp. I imported the file in Acunetix for a scan. Saved the results in .wvs file format. When I open the file which I have saved using Burp, again in Burp; it throws an error - The input file is...

Last updated: Feb 25, 2016 11:07AM UTC | 1 Agent replies | 0 Community replies | How do I?

re allocating burp licenses

we have a total of 44 burp licenses. end users will come and go. where in the Portal do I go to have licenses reallocated?

Last updated: Feb 23, 2016 09:21AM UTC | 1 Agent replies | 0 Community replies | How do I?

Page 298 of 310

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image