How do I? - Page 311 - Burp Suite User Forum

Encountered a trouble when setting https proxy in os x 10.10 for firefox

I've read this aritcle(http://portswigger.net/burp/help/proxy_options_installingCAcert.html) and followed the instructions of the firefox section. But when I browsed twitter, it told me: "Unable to Connect...

Received fatal alert: bad_record_mac

When https request is proxied via burp, bad_record_mac error is shown in Firefox. Alerts tab in burp shows - javax.net.ssl.SSLException: Received fatal alert: bad_record_mac

Usage of ssl certificates

Hi, i have an address that is a restful service that requires an SSL cert inorder to access it the address starts as: https://certapi.t6.lmuk.local/ Please note: -This is an internal address the available to external...

Invalid client request received: Dropped request looping back to same Proxy listener

Getting the above error when trying to connect to WebGoat using port 8080 on my local host through Firefox. I've set up the Firefox proxy for localhost port 8080 and the same on Burp. Saw another post with the same...

Set one cookie equal to another in intruder

I have a situation where a cookie is set in Javascript so it's not coming up under the "set cookie" header for handling in macro's. For this post I'll refer to this cookie as "window". No problem - I know the value is always...

How do I troubleshoot "failed to connect" messages?

So, I load up Burp Pro, restore defaults (latest versions of burp and JRE), enable the proxy and then in Chrome, with FoxyProxy browse to the site I want to scan/spider. I add said site to scope, and then start spidering....

MDSEC labs

Anyone doing the labs from the hacker's handbook? Any possible way someone knows where you can find the answers to the practical labs? Im stucks on a couple of them and would be nice if someone can answer on how it is...

get the count (number of pages ) spider crawled

How can i get the number of pages crawled by the spider

not received mail

i was buy burp pro but not received mail confirm please my email is securemail@naver.com

Burp Updates

Normally Burp software indicates when you release a new version. However, since the beginning of the year, I haven't had any alert of a new version. Is there something to configure? Thanks and best regards, Rachel

java.net.socket Exception when configuring intruder through Burp Extender API

I am sending multiple HTTP req to intruder with positions marked using sendToIntruder() method in burp Extender API but when I click Launch attack I get java.net.socket in the alerts Tab and no status as 200/400 is coming...

How to auto load payloads for all intruder attack at one time through Burp Extender API

I have a payload file with 25 payloads. Can anybody help in sorting out how to auto load payloads through API. IIntruderPayload Generator generates only exetension payload which i need to again manually select from...

macro to replace part of URL

Hi, I need to test a request similar to /something/<a_different_ID_per_request>/ and need to fetch an valid ID prior to that request. Because the ID is a REST parameter I cannot simply do a macro + session handling rule...

How do I generate a report after scanning without issue found

Dear Support, We have purchased a Burp Suite pro. I used its vulnerability scaner to scan our web server. I could not generate report when no issue found after scanning. I need it to show our management as a proof. Can...

How Do I Supply A Preconstructed Target Site List?

The BURP documentation says that I should turn the proxy on and then do a bunch of work on my Web app in order to build a list of URLs to put in the Target Site list. I do this and it works fine. I'm concerned, however, that...

Saving Burp sessions

Is there a way in Burp to save a set of captured messages and play them back later with fuzzing inserted? That is, once we capture a series of messages to a server, we wish to be able to perform fuzz testing. and we wish...

How to run multiple session while scanning application through Burp?

While the scanning the application through Burp, I found that if I use multiple threads it is resulting to session errors like (The requested session id appears to be invalid.You may have more than one Task Manager...

Dynamic Websites / Trial

I was wondering if your tool supports dynamic web sites. Furthermore, some of our website's pages can only be accessed using IE. We currently test our website using IE11, so that version is preferred. Would it be...

Burp CA Certficate

Hi Burp Support, I’m having trouble configuring my proxy and allowing my browser (Chrome or Safari) to access the internet. I think I need to download the Burp CA certificate in order to fix this issue. However, all the...