Burp Suite User Forum
For support requests, go to the Support Centre. To discuss with other Burp users, head to our Discord page.
dfgfgfd
I am having trouble using Burp with my application's CSRF defenses. I can get around these problems by disabling a few features, but I am concerned that I may be approaching this problem the wrong way. My application...
Is there a way to given Burp Suite in Windows or Linux command line arguments such that, given a saved copy of a Burp session, I can dump the XML copy of the report? I have hundreds of reports from multiple projects we...
Hi, I'm not sure if I'm the problem or if something has changed :-) so let me explain. I'm testing an application where a logout can be done with a URL like www.site.com/index.php?module=Users&action=Logout . In the...
I am getting the above error whenever I try to load a project from command line in burp. Please let me know how do I get rid of this error or is there any other way of doing this through command line. I am using the...
Hi, I was able to get the scan report by using my own extension. However, yesterday I got following error, and was not able to generate scan report. I did not make any change on the system that installs BURP, the same...
How would I do that? I saw few similar questions raised but the support team always finds a way not answer it practically. Can someone help answer this question?
How do I set the active scanner to skip server side tests for all .js and .css files? I currently have the following set with the scanner options tab and its not working: Skip server-side tests for: Parameter = URL...
Hello, I'm using Burp to proxy some traffic to an AMF gateway. Both requests and responses have the "Content-Type: application/x-amf" header. However, only requests are AMF-decoded . Of course, option "User Options / HTTP...
Hi Team, After i set proxy in browser and access my application am unable to access few functionalities which required third party site/libraries . Brief about issue: To access GIS functionality in my application i...
I would like my settings to stay the same between projects. I've saved them and load the JSON file when I create a new project, but nothing seems to save. I assume I am doing something wrong? I'd like the filters I set up on...
How do I backup Extenders only? When restoring an old state or someone else's state, it tends to revert/change all my currently installed extenders to whatever it was captured in that particular state. After which I restore...
I upgraded to Firefox Quantum and since then, I cannot use Burp as it tells me all pages do not have valid certificates. Is it a certificate that I need or are there additional safety measures built into the new browser that...
Hello Everyone, I am attempting to accomplish the following and I need some advice. End Goal: Setup Burp Suite to run in headless mode on a CentOS 7 box for scanning of company-owned domains on demand. We are using...
Hi community, I am currently testing a REST API and I would like to use a JSON parameter from a POST response in the next GET request. The workflow is the following: 1. POST to application like: POST...
Dear Burp Proxy support team, I tried to execute burp by using -Dencodingfile=EUR-KR options. However, in my response tab, Korean characters are only displayed as []. Do you have any suggestion on how to solve this...
Hi, Issues and advisory panels are not showing in sitemap. I am using free edition v1.7.27
Where I can find the time taken by API to load. I am using HTTP proxy. I know we can check time taken by using Repeater tab. But, I want to know the time taken by API when it is being used by an app or website on mobile.
Do you know of any extension allowing for running intruder payloads through custom shell/python script? That would be helpful if an app expects some specifically encoded/encrypted data for instance. Thanks, Mike
Burp suite fails to connect when contacting HTTPS web servers that are exclusively IPv6. I can connect to IPv6 HTTP just fine but the I get an error with HTTPS. I do not have any issues with IPv4 HTTPS.
Page 300 of 330
Your source for help and advice on all things Burp-related.