How do I? - Page 300 - Burp Suite User Forum

Burp Collaborator polling service respond with a self-signed certificate (*.polling.myhost.com)

I am using a certificate generated with Let's Encrypt. The certificate is matching the domain expected for the polling communication. Let's say polling.myhost.com. The polling configuration is as follow.. ``` ...

CA Certificate

CA certificate for IE not Available at this link http://burp/

Proxy analysis on mobile devices

Hello, I'm am an ethical hacker working for Ethical Intruder (ethicalintruder.com). I am running Burp Proxy and have gathered data from mobile devices. My question is this, what can I do with this information? Or rather, how...

How to find all requests

Hi, This is a UI question -- I'm trying to find all the times a particular URL was requested so I can compare cookies and responses. I can see one of the times the URL was requested in the target window, but I can't...

Coldreien

Need to know how to see some one in my galaxy 6 remotly.

Issue with the order of proxy requests under 'site map'

Hello, We have observed that the HTTP requests intercepted by the Burp proxy, in 'Site map' tab were arranged in alphabetical order (not in the order of sequence of the recording). So, when we send these requests to...

Burp Collaborator: Polling server not started ?

I am testing a private instance of Burp collaborator. The health check is failing. ## The error ## ``` Initiating health check Server address resolution Warning Polling server address resolution Success Polling...

Discover Content Functionality not working

I have been trying to carry out a discovery content to a client's website. However, it keeps giving me errors and does not send any packets. I am using Burp Pro version 1.7.19.

certificate expired

When import the certificate for burpsuite on windows 7 for firefox I got this error message "The certificate have been expired". The certificate valid from 9 Mar 2014 to 9 Mar 1980. After I try to re-generate the new one,...

Response not coming for the request passing through Burp

While testing a HSTS enabled web application with burp, I can see the URLs passing through Burp, but there is no response coming back. In the alerts, we are getting "Failed to connect to site:443". I can able to access this...

NTLM Authentication

Hello, I am trying to access an internal application and conduct a scan. The application uses NTLMv1. When I attempt to use Platform Authentication in burp, it doesn't work. This morning I have gone so far as to...

Generate cookie/session per request - Intruder

Hi, guys. I'd like to know how to configure intruder to generate a new cookie and session per request. I'm facing a problem when I try to make a request because my target session expires very quickly and I can't make...

Export Burp Proxy Log without Responses

When I am exporting burp proxy log using "Save Items", it is exporting it as an xml file with responses which increases the size of log file. Is there a way to filter the responses from getting logged?

Extension for applying intruder markers

We are developing and extension to reduce the number of parameters that should be tested (because they are already protected by our security tool). Is it possible to modify default markers for Intruder so that the parameters...

TimeOut in Transmission from xxx.com

It works well at first. But after a few hours, there are many errors and when checked in Alerts tabs it says "Timeout in transmission from xxx.com". I can access the application without any issues by using my browser...

CSRF test using CSRF PoC Generator

Hi, Received "{"message": "Unsupported Media Type"} message is displayed on the browser. I am testing CSRF PoC Generator from Burp Its a JSON message . This browser message is not conclusive w.r.t anti CSRF...

Burp proxy does not receive any HTTPS response after sending out request

Set up Burp proxy. Proxy HTTP traffic without any problem. But for any HTTPS traffic, I see Burp proxy send out request but there is no response. Wondering what would be the cause of that.

how do i display only a certain severity

Hello, I need to follow a particular path and would like to allow BURP to return me (or detect) only one type of issue based on severity. For example for this test round i am only looking for high severity, etc...

How not to display false positives

Hello, I ran a test which returned a number of issues that i consider to be false positives on my environment. If i run the same test again, i don't want them to appear at all again. Any idea of how i can do that ?...

Intercept other than HTTP/HTTPS

Hello I need to intercept an SSL handshake and change the certificate that is represented to the client, does burp support this if I start to send the traffic to 127.0.0.1:8080?