How do I? - Page 30 - Burp Suite User Forum

BSCP Exam : Examity

Hi i am giving the BSCP exam right now, the examity wasn't detecting the permissions, so i cleared the cache and logged in back again, but the dashboard now says to contact my administrator, i haven't started the exam yet....

BSCP exam

Hi, I have already attempted the BSCP certification. I was able to solve the first app correctly, but in the second app there was a vulnerability that I knew it was there (essentially because of the active scan and because...

POST requests through Postman logged as GET in Target - Site Map

I have Postman proxying through Burp. When I make a POST request and review the request through the interceptor everything appears as it should. I see that the request is a POST and I see the payload. However, if I then...

No more activations allowed

Hi Team, I am trying to reactivate my Burp Pro license several times on my formatted machine due to environmental issues. I unable to reactivate as I am getting "No more activations allowed for this license" message....

How do I check the string length using BCheck?

I have the followign code: ``` given insertion point then if {insertion_point_base_value} in {base.response} then ... end if ``` However, I'd like to check if `insertion_point_base_value` length...

Collaborator with letsencrypt wildcard cert

So I have certbot setup to use the route53 plugin, so it automatically creates the necessary DNS records to validate a wildcard certificate. The problem is that collaborator needs an NS record for the subdomain you're...

Unable to login to the labs with the given credentials

Password brute-force via password change Offline password cracking For the above two labs, I entered username- weiner, password- peter. When I click on login it says invalid username or password. can anyone please...

exploit server

Hi, How do I create an exploit server (like the one in portswigger.net academy) to use for pen-testing of real client's website? In other words, what do I need to be able to craft an exploit that is send to a...

Authenticated API Scan

How can I perform an authenticated API scan using the new API scanning functionality? I am uploading the OpenAPI schema file, which is parsed correctly. However, there is no option to define a bearer token or similar...

Hall of fame

I've solved 8 labs in 1 week. Hall of me hasn't increased in a week.

No More Activations allowed for This License

Hiya, I remove my VM from my workstation directly, and I also encounter this very common issue when I attempt to active my BurpSuite Pro. Due to the business urgency, could you help me to solve and add more than two...

Lab: Reflected XSS with AngularJS sandbox escape and CSP Exploit Server Question

Hello Everyone! I have a question. I am now doing Lab: Reflected XSS with AngularJS sandbox escape and CSP Exploit Server. 1. This is a reflected XSS, but why do we use an expoit server without proceeding with an attack...

Audit insertion points in nested GET parameters

Hi Portswigger, By default Burp Suit Professional does not recognize 'nested URL parameters' as insertion points. These are for example used by the Doctrine PHP ORM and look, for example like this: "GET...

Activation error

When activating Burp Suite, I get a message "No more activations allowed for this license." and cannot activate it. Can you help me with this problem?

Burpsuite Intruder MD5

How to know the value of the original payload in the result when using MD5 to process the payload

Browser Exam

hello is it possible to change the browser during the exam?

Burp Pro license on disposable testing machines

Hello, I was wondering how Burpsuite Pro licensing works when the security tester is given a test Kali VM for each individual test that then gets disposed of at the end of the test? If we were to install the Burp Pro...

Sorting by multiple columns (Intruder)

In the changelog I've seen functionality to sorting Intruder tables by multiple columns (up to three columns). I can't figure out how to achieve this. I am already using Burp Professional 2024.2.1.3 (early adopter).

reset labs

Hello. I want to reset all labs to practice to practice

All labs

hall of me is not rising Is there a problem?