Burp Suite User Forum
<a href=http://futures.cf/take-a-deep-breath-he-says-you-have-friends-in-the-industry-who-understand>http://futures.cf/take-a-deep-breath-he-says-you-have-friends-in-the-industry-who-understand</a> <a...
I have set up a session handling rule that sends a certain cookie for all requests to a certain domain. What I have found however, is that that the cookie will be sent on all GET requests to the domain, but not sent with...
I scanned 30+ URLs using burp suite tool. 4 URLs were reported for Frameable Response (Potential Clickjacking) While all the URLs that were scanned missed the X-Frame-Options header, why only 4 URLs were flagged for this ?
On Intercepting my Asp.Net application in the place of Http/1.1 with Http/1.1 200 OK it is showing bad request error.What should I do to redirect this to default error page.I have already Http errors and Custom error in...
BURP suite is reporting SQL Injection errros, whats best possible way to handle those errors in a PHP – Apache environment.
Is Burpsuite capable of performing vulnerability scans against databases ? I have seen and there is no option, but just wanted to confirm with the experts. Also, do we have a security standard for databases as we have...
We are testing a private collaboration server that is exposed to the Internet. When I came back from lunch I saw this in the console: 2015-08-05 12:40:12.508 : Request received:...
When I try to launch Burpsuite v1.6.01 from my 32-bit Ubuntu-12.04LTS, it shows message "Proxy:Proxy service started on 127.0.0.1:8080" but no UI is displayed means Burpsuite App is not launched. -My PC has a second...
Can Burp Suite support a login redirect where the login page is not within the scope? I have a /Employee and a /Customer area within my ASP.NET MVC application. For ease of development, the login URL in Web.config is...
When I try to launch Burpsuite v1.6.01 from my 32-bit Ubuntu-12.04LTS, it shows message "Proxy:Proxy service started on 127.0.0.1:8080" but no UI is displayed means Burpsuite App is not launched. -My PC has a second...
Dear all, I have the following Form data, that is sent through HTTP POST to a site: -----------------------------10935559812996 Content-Disposition: form-data;...
Hi all, I have an internal collaborator Server up and running on a physical server with the following config: { "serverDomain" : "collaborator.test.com" "eventCapture" : { "https": { "hostname" :...
Hi there, I am doing some Internal VA scan. What is the difference between External VA scan and Internal VA scan.What are the most common things to look out for. What are the most common web host used by a mid to large...
Hi All, I have a question related to site map. As per "https://portswigger.net/burp/help/target_sitemap.html", Site Map Views can be created by "The left-hand-side tree view contains a hierarchical representation of...
Hi, I am using an headless android emulator with API leve 19 on amazon ec2 ubuntu instance. Can you please with installing Burp's CA certificate in an headless android emulator ? Thanks, Chhagan Mathuriya
I'm developing an extension that pulls back a list of saved burp states into a table. I'm trying to get the application to restore the burp state when one of these items is clicked. Unfortunatly Burp is giving me a runtime...
Not sure if this is a bug or the standard behavior, so posting here first. I tried this with burpsuite_pro_v1.6.11.jar and burpsuite_pro_v1.6.02.jar with the default initial config. The application was hosted locally with...
Hello, I've got Burp Suite Professional and I've got a test Process here for my Website, that it attempts a combination of a specific E-Mail and a bunch of Passwords. However, I've put it (on my Website), so if the user...
session < > " ' `
The log out detection in Burp is inconsistent when "Follow redirections where necessary" (Scanner > Options) is set. Inconsistent because it tests the session validity sometimes before redirecting and sometimes after...
Page 308 of 312
Your source for help and advice on all things Burp-related.