Burp Suite User Forum

Login to post

make burp intruder follow redirects (302) ?

I know that it is possible to make repeater follow redirects. But is it possible to make intruder follow redirects?

Last updated: Jul 23, 2021 02:04PM UTC | 1 Agent replies | 0 Community replies | How do I?

Scanner errors

I use Burp Suite Enterprise for scanning our web applications. Of let scheduled scans have been failing to run. Below are the errors that app is returning: #Failed to despatch scan to New agent1. #10 consecutive audit...

Last updated: Jul 23, 2021 10:51AM UTC | 1 Agent replies | 0 Community replies | How do I?

xss

i dont know how to make different payloads for different labs like i am not able to figure out which payload will work where. i just want some guaidance so can you help me?

Last updated: Jul 23, 2021 10:20AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Infiltrator and .net 4

I am trying to install the infiltrator on web server that has .net 4 framework. When installing it keeps saying that it cannot install the .net 3.5. Is the infiltrator able to run on version 4? When building the...

Last updated: Jul 23, 2021 09:47AM UTC | 1 Agent replies | 0 Community replies | How do I?

How do i scan GUI test which runs on google chrome.

We are trying to scan the GUI tests using burp suite, but the chrome which is triggered does not have burp extension. Kindly guide us on how we can trigger a google chrome with burp extension in automated way.

Last updated: Jul 23, 2021 08:31AM UTC | 2 Agent replies | 1 Community replies | How do I?

How to proceed with API testing using burp suite community version

Please send me documentation link using which I can proceed with API testing in community version. I have to test Get requests.

Last updated: Jul 22, 2021 06:37PM UTC | 1 Agent replies | 0 Community replies | How do I?

Modifying Burp EE CloudFormation templates to expose REST API outside the VPC

I am trying to use the official Burp EE CloudFormation templates (https://portswigger.net/burp/documentation/enterprise/getting-started/cloud/deploy-aws) to install Burp EE on my AWS account. The problem is, these...

Last updated: Jul 22, 2021 05:33PM UTC | 1 Agent replies | 0 Community replies | How do I?

Having issue signing into the "Basic Clickjacking with CSRF token protection" lab

I'm unable to even start the lab (https://portswigger.net/web-security/clickjacking/lab-basic-csrf-protected). The provided credentials, carlos/montoya, do not work for me. Any ideas?

Last updated: Jul 22, 2021 02:58PM UTC | 12 Agent replies | 14 Community replies | How do I?

Account brute force lock out

Hi, I'm trying to solve this lab https://portswigger.net/web-security/authentication/password-based/lab-username-enumeration-via-account-lock. I found the username I try to brute force password but the account always...

Last updated: Jul 22, 2021 02:12PM UTC | 1 Agent replies | 0 Community replies | How do I?

Install the required components for Browser Powered Scanning

I'm new to Burp Enterprise, and my credentialed scans are failing with an error that my hardware doesn't support Browser Powered scanning. After investigation, I have enough disk space, CPU, and RAM assigned. One...

Last updated: Jul 22, 2021 09:46AM UTC | 5 Agent replies | 4 Community replies | How do I?

unable to use burp

hi I have just bought the BURP PRO but I got an email saying "We are really sorry but there seems to be a problem with your order for Burp Suite Professional. One of the Customer Happiness team is looking into this for you...

Last updated: Jul 22, 2021 07:00AM UTC | 1 Agent replies | 0 Community replies | How do I?

License Problem

Hi There I am a consultant and use Burpsuite Professional, I realized I had not installed the pro version on our VM image and The license does not allow me to license the instance for my current project, any assistance...

Last updated: Jul 21, 2021 12:56PM UTC | 1 Agent replies | 0 Community replies | How do I?

Testing WEB API connection

HELLO DEARS, I need to test an authenticated WEB API, through a header "AUTORIZATION" + <STRING OF 30 CHARACTERS>. I don't understand how BURP could be configured to be able to test, since for now it only gives me the 401...

Last updated: Jul 21, 2021 08:02AM UTC | 1 Agent replies | 0 Community replies | How do I?

need to scan one of my URL

I need to scan one of my website but scan audit is showing as 10d remaining.Please help on this.

Last updated: Jul 20, 2021 01:29PM UTC | 1 Agent replies | 0 Community replies | How do I?

Burpsuite Community v2021_7_1 Windows 10

Hi, I downloaded burpsuite_community_windows-x64_v2021_7_1 file as jar and exe file on Windows 10. When I started to installation by exe file, half time of the progress bar the installation was stopped and nothing...

Last updated: Jul 20, 2021 10:32AM UTC | 2 Agent replies | 1 Community replies | How do I?

Could not find or load main class .awt.headless=true

Hi, when trying to run burp in headless mode I get the following error: Error: Could not find or load main class .awt.headless=true Caused by: java.lang.ClassNotFoundException: /awt/headless=true

Last updated: Jul 20, 2021 08:50AM UTC | 3 Agent replies | 3 Community replies | How do I?

Why does Burp Suite Enterprise say "Pending License" after adding new agent server?

I just added a new agent server to be used by Burp Suite Enterprise V2021.6. I accepted the agent machine as a valid agent machine and then added one license to this the new machine. The problem is that the original machine...

Last updated: Jul 19, 2021 06:50PM UTC | 1 Agent replies | 1 Community replies | How do I?

Burp not capturing local Andriod network traffic

I'm trying to use Burp to capture traffic from my routers companion app. I've set up the listening port, installed the burp certificates system and client side and installed 'ProxyDriod' to isolate the traffic from the...

Last updated: Jul 19, 2021 03:54PM UTC | 1 Agent replies | 3 Community replies | How do I?

Lab: DOM XSS in document.write sink using source location.search inside a select element

Hello, i have a very simple question regarding this lab, I'm not really sure why my payload worked. The source-sink of this DOM based xss is the GET param `storeId` and can be summarized here: var store = (new...

Last updated: Jul 19, 2021 02:29PM UTC | 0 Agent replies | 0 Community replies | How do I?

SSRF with whitelist-based input filter

Hi everyone, I'm working on solution of SSRF with whitelist-based input filter lab. The payload which used by solution is http://localhost:80%2523@stock.weliketoshop.net/admin/delete?username=carlos. I have searched...

Last updated: Jul 19, 2021 02:06PM UTC | 1 Agent replies | 0 Community replies | How do I?

Page 3 of 188

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image