How do I? - Page 313 - Burp Suite User Forum

Edit Request in interceptor using burp extender

Hi Is it possible to use burp extender to write a custom tool which will modify a certain paramter , every time this parameter is present in this request ?

burp suite

Hi I'm running IE 11 through burp suite but in conjunction with the TOR browser and keep getting the following error message - I'm sorry I'm new to pentesting so hope you could advise: Error SOCKS server general failure.

please reactivate my id

Hello please reactivate my license

Meaning of red highlighted text Target-Site map?

I have several items in my Target-Site map that are in red text. What does this mean?

Cross-site request forgery - ignore date response header

Hi, I'm receiving a lot of false positives as nginx is sending the Date header - which is obviously different each time the scanner tries a new combination - so Burp is highlighting it (albeit tentatively). Is there...

proxing Thick client Applciations

I working with Java Thick client application which is used login in Browser after successful login it collects the jar files from server and later it became Desktop application i configured normal as Web application then...

How do I run Burp with Selenium

Hi, We already have a framework in place that is covering all the functionalities of my application, Now we want to run those tests against Burp via selenium. The idea is to check vulnerabilities in each flow of what...

i have not received the license key .

dear sir or madam, i have purchased the professional edition yesterday ,but still not received the license key, can you please check for me . and you can send the email to my new mailbox: gsmc.abu.om@gmail.com...

Best manage CSRF in Alfresco

Scanning Alfresco, and wanted to do automated scans of "create-site" function (for example). GET of the "create-site" URL (or any URL) seems to refresh the CSRF token sometimes (Alfresco-CSRFToken), I think the first GET...

Is there a way to determine which software is being used like Adobe Cold Fusion 9 or 10 ?

Hello, when I am doing a active scanning is there a way to detect what software is running. Like if the server process Adobe Cold Fusion or Apache or PHP or ASP.NET?

Dynamic URL cannot be spidered or scanned

Hi, We have an issue with a site that all the URL are generated on the fly with random URL string. They can only be clicked once. Any request sent to the same URL will invalidate the session. So spidering and scanning...

How do I automate Active Scanning

Hi! Which Extender APIs should I be looking at if I want to automate the following (similar to Carbonator but a bit different): 1. My extension runs in headless mode (as Carbonator does). 2. Target URL and the whole...

google translate through Burp proxy

In Google Chrome on configuring the browser with Burp proxy, google translate extension is not working.

Burp Infiltrator

I have patched the burp infiltrator and a file named infiltrator.config is also present. But while scanning I am not getting the issues reported by infiltrator.

This is really awesome tool ever

This is really awesome tool ever.

Intruder options:

Under Intruder, there is a section named "Payload Encoding", it allows to URL encode certain characters. Why is burp doing so, in other words, why are we bothering to URL encode the payloads before they reach the web...

Port 25 needed for new SMTP Checks on Private Collaborator Server?

Hi, Does port 25 need to be opened in the firewall for the new SMTP checks to work on our private Collaborator Server and is there an option to set the listening port? aka "smtp": { "port" : 8025 } Thanks

Http History does not record calls from browser to webapi on the target site

I am using Burp Suite Professional 1.7.04 In an application that hosts a Silverlight component I can see calls to the component's host page in the Http History. The Silverlight component makes https REST API calls back...

Injecting special characters like " /,*,' " into an http request

Hi Mr. Stuttard, I have an http request which contains following...

Burp Collaborator

Hi there, stupid question. How come i don't see the Collaborator tabs within my Burp app? I have my Burp pointing to use the public Collaborator servers but not seeing any of the tabs. What am I missing here? Thanks.