Burp Suite User Forum

Create new post

Getting Scan result report

I have added scans to the burp suite professional and notice that under my scanner and scan queue tab that issues have been identified, however I am unable to view or print out a report on what these issues were. what am I...

Last updated: Jan 08, 2016 06:29AM UTC | 0 Agent replies | 0 Community replies | How do I?

Private Collaborator Server Refuses requests

I am trying to setup a private Collaborator server, and am running into issues with the DNS server. The server starts up fine; listening on port 80, 443, and 53. However, when I run a "netstat -plntu" on the server...

Last updated: Jan 07, 2016 07:03PM UTC | 3 Agent replies | 3 Community replies | How do I?

Burp Suite CA

Hi, I have regenerated my burp suite CA but i still keep getting error when intercepting request. http://prntscr.com/9hh3yw May i know how can i resolve this ? Thanks in advance! Mikko

Last updated: Jan 04, 2016 09:27AM UTC | 2 Agent replies | 2 Community replies | How do I?

Launch BurpSuite without checking for new version

Is it possible to launch Burpsuite such that it won't check for existence of newer version? FYI: We are considering to automate the burp scanning. Thanks, Vinay

Last updated: Dec 24, 2015 10:24AM UTC | 1 Agent replies | 0 Community replies | How do I?

View Previous Scans

How can I view previous scans? The "Hide finished items" is not checked, but I can not find any completed scans. Thanks, Deanna

Last updated: Dec 23, 2015 04:51PM UTC | 1 Agent replies | 0 Community replies | How do I?

Connection problems while using Burp

Hi, I have problems with setting connection when using Burp. I found out that when I am trying to reach the website using Burp proxy, just one SYN packet (and two retransmissions) is sent while when I don't use Burp proxy...

Last updated: Dec 22, 2015 01:31PM UTC | 1 Agent replies | 0 Community replies | How do I?

Proxy Listeners does not support for the specific address other than predefined proxy.

My proxy is "proxy.xxx.xxx.com". I am unable to edit under Proxy > Options > Proxy Listeners > Edit.

Last updated: Dec 22, 2015 01:19PM UTC | 2 Agent replies | 2 Community replies | How do I?

Proxy to support Javascript connection to cross domain connection

Hi, I configured my web app to -> 127.0.0.1:8443 to forward to all request to qa1.x.com:443. This works fine. the proxy is good. however, my web app javascript connect to a host: cdn.y.com This cause an application...

Last updated: Dec 22, 2015 01:19PM UTC | 1 Agent replies | 0 Community replies | How do I?

Set target to a different host and not the web browser.

I get using the web browser for testing web based testing. What I'm confused about is...with BURP can you target a different host/machine/PC/linux machine and still use the web browser as the MITM. I want to look at a...

Last updated: Dec 22, 2015 01:06PM UTC | 1 Agent replies | 0 Community replies | How do I?

Some problem with certificate

I use Burp to get trafic from my Android Mobile, but some applications returned the following error: (HttpNetworkException:error:14090086:ssl3_get_server_certificate:certificate verify failed) what does that mean?

Last updated: Dec 15, 2015 01:43PM UTC | 1 Agent replies | 1 Community replies | How do I?

Collaborator Troubleshooting

I'm trying to setup a private collaborator using HTTP first using only an IP address on port 8080 (working on getting all the approvals for dedicated domain, wildcard cert, etc.) but the health check for the "server http...

Last updated: Dec 11, 2015 03:28PM UTC | 3 Agent replies | 2 Community replies | How do I?

using burp with certificate pinning

Hi I am trying to use burp with my app, which is built with certificate pinning The certificates in my local server are self signed, so i understand i can bypass certificate pinning controls, right? When trying to...

Last updated: Dec 08, 2015 04:21PM UTC | 1 Agent replies | 0 Community replies | How do I?

Finding all forms on a site

Once a site is fully spidered, are there any ways to quickly the total number of the forms or login prompts on that site?

Last updated: Nov 27, 2015 03:37PM UTC | 2 Agent replies | 1 Community replies | How do I?

Define Location Component

Is there any way for Extensions to use the "Define custom location" component that is part of the Sequencer and Intruder Grep - Extract functions? This component: http://oi66.tinypic.com/2zhfe60.jpg This would be much...

Last updated: Nov 25, 2015 09:21AM UTC | 1 Agent replies | 0 Community replies | How do I?

How to re-enable AMF support

Since AMF support is disabled by default since 1.6.29, how is it re-enabled when needed? Or is AMF testing now limited to the Blazer extension?

Last updated: Nov 25, 2015 09:20AM UTC | 1 Agent replies | 0 Community replies | How do I?

Changing scan areas during scan

If I change Active scanning areas during scan will it reflect in the current scan ? Scenario: 1. I have selected SQL injection checks and started scan 2. I pause the scan and select XSS Checks 3. I resume the...

Last updated: Nov 19, 2015 02:06PM UTC | 1 Agent replies | 1 Community replies | How do I?

Content-location ip versus hostname

Curious behavior difference between nikto output and burp output. From nikto a request like this: GET / HTTP/1.1 User-Agent: Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:headers: IIS internal IP) Connection:...

Last updated: Nov 18, 2015 11:32AM UTC | 1 Agent replies | 0 Community replies | How do I?

How do I manually reproduce ruby code injection in cookie parameters?

One of the apps I'm testing is coming up with Ruby Code Injection alert. The confidence is listed as Firm. Issue Details: The payload '+sleep(20.to_i)+' was submitted in the foo parameter within the bar cookie. The...

Last updated: Nov 18, 2015 08:50AM UTC | 1 Agent replies | 0 Community replies | How do I?

how to detect the errors in webapplication

How to login in burp suite tool in free version and how to detect the errors in webpage.

Last updated: Nov 17, 2015 12:05PM UTC | 1 Agent replies | 0 Community replies | How do I?

how to enable correct renegotiations for SSL

Hey, so I was testing burp suite proxy to sniff HTTPS from AFNetworking SDK for iOS. I was successful in sniffing and intercepting HTTPS traffic with GET and POST from an iPhone by using a proxy. However, it seems it only...

Last updated: Nov 11, 2015 02:56AM UTC | 0 Agent replies | 0 Community replies | How do I?

Page 303 of 310

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image