Burp Suite User Forum
I've looked at the first 5 pages of this Support Center and the closest I see to my problem is here (http://forum.portswigger.net/thread/1557/burp-displaying-webgoat). If this has been answered, or this is the wrong area to...
Hello, I'm trying to configure my proxy to work on other IPs than 127.0.0.1, but the browsers refused to connect to other ips than 127.0.0.1. I didn't see any errors, and I verify that the proxy is connected and running...
I am trying to do some invisible proxying through burp, but this requires binding burp's proxy to ports 80/443 which requires root privileges. However, if I run burp as root, it asks for another license. I am wondering if...
Hey PortSwigger, I'm currently trying to import a cert chain as my CA for burp suite (using Burp Pro). I need to import my intermediate certificate as the CA for each host, whilst also supplying the root cert file for all...
Hello, I would like to create an "About" page for my extension, but I am having difficulty finding the path that the extension resides in. I am currently using Jython to write my extensions. Right now, using the Python...
Used to be possible when "Issues" is part of Scanner tab. Newer versions saves the "Content" making the state file unnecessarily large. Thanks!!
How do i use the intruder if the webapp provide new cookie each time a new GET is made? Would it be possible for burp-intruder to pick the new cookie from the response and put it back as the next Request...
Hi; We are using burp Pro Version of 1.6.27. In the Security Assesment we are not able to connect with BB7 Device like the Burp Proxy is not connected the BB7 device and it not intercepting. We are using BB7-9320...
Hi I am using latest version of Burp and created a Macro to login to complex website. It requires at least four request to complete the login sequence. Below are the first three requests (sanitised) First...
Burp has reported some XSS vulnerability for a website. For the below discussion let us use this URL...
i was hoping that you all had an all-encompassing user guide with all content in one doc. i found the following, which shows all help pages, but i'd really like to get all of that content in one file that i can review...
<a href=http://canadianonlinepharmacy.top>canadian online pharmacy</a> <a href=http://bestpriceforgenericviagra.us>best price for generic viagra</a> <a href=http://clomiphenecitrateforsale.top>clomiphene citrate for...
Is it possible to pentest a web site that behind reverse proxy? If yes, how to?
Hi, Is there a way to supply a list of usernames to be used as a prefix when payload processing prior to base64 encoding? I have an application which has a pop up authentication window to log in. The authentication...
I am active scanning a website which involves sessions. Number of threads for scanning is 5 - this means 5 requests will be sent at one time I am using a session handling rules to check if session is valid or...
Problem: When intercepting, the site I'm visiting doesn't render properly in my browser. Some resources do not load. Related: in BurpSuite's "Alerts" tab, I have dozens of lines like this one: "The client failed to...
Hello, I noticed a few POST response (whether 200 or 302) is not having a XSS protection/ Content sniffing / Click Jacking prevention header set and burp suite detected that as a vulnerability. Is there a specific...
Hello, I would like to spider only POST requests (and follow redirection). Is it possible ? I verified if there are any options to define the scope based on POST method, but I couldnt find any. In short, I would...
I have a webapp where, when saving edits to a particular page, a POST request is made to a simple 'FormSave' page. The server response is a simple 200, json response {"Success":"true"} (or failure if the request fails)....
In order to do selective custom scanning area selection using active scanning using my extension, I am trying to set those values using the loadConfig() To do this, I first set the following values to...
Page 306 of 312
Your source for help and advice on all things Burp-related.