Burp Suite User Forum
Hello, Firstly, can't thank you folks enough for this awesome tool. I am trying to play around with the active scan under the "Issues Reported" section of the configuration. I have created a custom configuration in my...
I solved the "Web Cache Poisoning with an Unkeyed Header" lab using the Exploit server provided in the lab. However, when I try to solve it a second time with my own exploit server that I set up with Ngrok and Python, it...
Hello Support, I was trying the "Lab: Basic clickjacking with CSRF token protection" but I tried to intercept server response and changed the post for change email with delete account. Now I'm unable to login using the...
I was thinking about this part: "Observe that, after a pause, the CSRF attack is still launched. However, this is only successful if it has been less than two minutes since your cookie was set. If not, the attack fails...
I was wondering if you could share with me how I could effectively perform a Flipping bit attack and Character robbery by using the Burp suite to uncover an encrypted base attack in the application that impacts the...
I am running macbook with 14.5, firefox 128 and burpsuite community v2024.5.5 In Firefox i enable proxy 127.0.0.1 8081 and most sites aren't showing up in the proxy or target history If I use chrome, or the built in...
Hi, I'm having trouble with the lab, after I exploited the vulnerability and tested It on myself the XSS fired with alert(1) but when I tried alert(document.cookie) the cookies didn't appear and there's no attribute prevent...
Hi Burp Suite Support, I have issue with activation of Burp Suite Pro. I got message "No more activations allowed for this license". Could you please help me out? Thanks,
I want to solve again all lab so reset my all lab that i have solved
Hello,I am having issues with Burp suite only using 1024x768 of the screen instead of full 1080p. It opens in full screen but all the content is in the up left corner OS: BlackArch with dwm window manager on a KVM/QEMU...
<style> iframe { position:relative; width: 500px; height: 700px; opacity: 0.0001; z-index: 2; } .firstClick, .secondClick { position:absolute; top:410px; ...
Hi, I defined my own configuration as follow: Settings\Configuration library New > Auditing Ignored Insertion Points: Skip all tests for there parameters How can I skip from auditing when scanning these URL path and...
Hi, I've done some labs in the Academeny and I some are easy to understand and solve, However, the CSRF section doesn't work for me. I have created PoC for the First CSRF Lab titled: "CSRF vulnerability with no...
Right now I am facing a problem the csrf poc works for me. But not for the victim when I click deliver exploit to the victim in the exploit server the lab is still not completed. But when I test it against me it is working...
Hi there, I have a handful of engineers using this platform to train and I'd love to track their progress. Is there an API I could use to track their progress? thanks! Damien
Hi, i made my own solution for solving the Lab: `https://[web-academy]/post?postId=4&test=2%27accesskey=%27X%27onclick=%27javascript:alert(1)` and it does not work. Also the official answer does not work for me. But both...
Hi Burp Suite Team, Can you give clarification for this question i got. If I have 2 laptops, one is Macbook, one is Windows laptop, can I install Burp Suite Pro for these 2 devices with one Burp Suite Pro license, or...
Couldn't read the API definition. Review the definition and correct any syntax errors. the error is displayed when i try for api scan and not working aslo
I ran a BURP scan and the client-side desync was detected. I'm having trouble understanding the confirmation logic in a Burp Scan report. I have read the James Kettle article as well as performed the Portswigger lab for the...
I took a short course on using Burp and wanted to play around with it some more a few days later. However, I noticed that when I capture an HTTP response and try to send it to Repeater, I can only see the request there. I...
Page 3 of 322
Your source for help and advice on all things Burp-related.