Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Severity Ratings

I understand that the severity ratings are defined based upon the experience of your security researchers and and seeing the vulnerabilities in real applications. What I have not yet been able to identify is what exactly a...

Last updated: Jan 12, 2016 08:46AM UTC | 1 Agent replies | 0 Community replies | How do I?

Hex encoded characters in custom parameter from macro response

I'm trying to work with a JSF application that uses a ViewState parameter as a CSRF token. I have setup a macro to grab the token and use it in requests, but character encoding is preventing this working. The response...

Last updated: Jan 08, 2016 01:59PM UTC | 1 Agent replies | 2 Community replies | How do I?

How do I make Burp settings persistent?

Hi, I'm running the Burp Suite Free Edition v1.6.32 on Windows 7. When starting the jar file, I'm getting a pop-up "Delete old temporary files?", which I don't delete, then I can use the app. But the settings set in...

Last updated: Jan 08, 2016 09:47AM UTC | 1 Agent replies | 0 Community replies | How do I?

Proxy Issue - Browser Hangs??

I set up Burp proxy as per documentation, but when I request a URL it shows in the http history tab but the page then hangs in the browser window, tried in Chrome, Firefox and IE. Can't figure our what the issue is... Any...

Last updated: Jan 08, 2016 09:37AM UTC | 1 Agent replies | 0 Community replies | How do I?

Test application with random parameter names

If there is any possibility in Burp to use Intruder or Scanner to test an application which sends in each request random parameter names? Application works in this way, for each page: - generates parameter names, I see...

Last updated: Jan 08, 2016 09:24AM UTC | 1 Agent replies | 0 Community replies | How do I?

Test application with random parameter names

If there is any possibility in Burp to use Intruder or Scanner to test an application which sends in each request random parameter names? Application works in this way, for each page: - generates parameter names, I see...

Last updated: Jan 08, 2016 08:12AM UTC | 0 Agent replies | 0 Community replies | How do I?

Test application with random parameter names

If there is any possibility in Burp to use Intruder or Scanner to test an application which sends in each request random parameter names? Application works in this way, for each page: - generates parameter names, I see...

Last updated: Jan 08, 2016 08:12AM UTC | 0 Agent replies | 0 Community replies | How do I?

Getting Scan result report

I have added scans to the burp suite professional and notice that under my scanner and scan queue tab that issues have been identified, however I am unable to view or print out a report on what these issues were. what am I...

Last updated: Jan 08, 2016 06:29AM UTC | 0 Agent replies | 0 Community replies | How do I?

Private Collaborator Server Refuses requests

I am trying to setup a private Collaborator server, and am running into issues with the DNS server. The server starts up fine; listening on port 80, 443, and 53. However, when I run a "netstat -plntu" on the server...

Last updated: Jan 07, 2016 07:03PM UTC | 3 Agent replies | 3 Community replies | How do I?

Burp Suite CA

Hi, I have regenerated my burp suite CA but i still keep getting error when intercepting request. http://prntscr.com/9hh3yw May i know how can i resolve this ? Thanks in advance! Mikko

Last updated: Jan 04, 2016 09:27AM UTC | 2 Agent replies | 2 Community replies | How do I?

Launch BurpSuite without checking for new version

Is it possible to launch Burpsuite such that it won't check for existence of newer version? FYI: We are considering to automate the burp scanning. Thanks, Vinay

Last updated: Dec 24, 2015 10:24AM UTC | 1 Agent replies | 0 Community replies | How do I?

View Previous Scans

How can I view previous scans? The "Hide finished items" is not checked, but I can not find any completed scans. Thanks, Deanna

Last updated: Dec 23, 2015 04:51PM UTC | 1 Agent replies | 0 Community replies | How do I?

Connection problems while using Burp

Hi, I have problems with setting connection when using Burp. I found out that when I am trying to reach the website using Burp proxy, just one SYN packet (and two retransmissions) is sent while when I don't use Burp proxy...

Last updated: Dec 22, 2015 01:31PM UTC | 1 Agent replies | 0 Community replies | How do I?

Proxy Listeners does not support for the specific address other than predefined proxy.

My proxy is "proxy.xxx.xxx.com". I am unable to edit under Proxy > Options > Proxy Listeners > Edit.

Last updated: Dec 22, 2015 01:19PM UTC | 2 Agent replies | 2 Community replies | How do I?

Proxy to support Javascript connection to cross domain connection

Hi, I configured my web app to -> 127.0.0.1:8443 to forward to all request to qa1.x.com:443. This works fine. the proxy is good. however, my web app javascript connect to a host: cdn.y.com This cause an application...

Last updated: Dec 22, 2015 01:19PM UTC | 1 Agent replies | 0 Community replies | How do I?

Set target to a different host and not the web browser.

I get using the web browser for testing web based testing. What I'm confused about is...with BURP can you target a different host/machine/PC/linux machine and still use the web browser as the MITM. I want to look at a...

Last updated: Dec 22, 2015 01:06PM UTC | 1 Agent replies | 0 Community replies | How do I?

Some problem with certificate

I use Burp to get trafic from my Android Mobile, but some applications returned the following error: (HttpNetworkException:error:14090086:ssl3_get_server_certificate:certificate verify failed) what does that mean?

Last updated: Dec 15, 2015 01:43PM UTC | 1 Agent replies | 1 Community replies | How do I?

Collaborator Troubleshooting

I'm trying to setup a private collaborator using HTTP first using only an IP address on port 8080 (working on getting all the approvals for dedicated domain, wildcard cert, etc.) but the health check for the "server http...

Last updated: Dec 11, 2015 03:28PM UTC | 3 Agent replies | 2 Community replies | How do I?

using burp with certificate pinning

Hi I am trying to use burp with my app, which is built with certificate pinning The certificates in my local server are self signed, so i understand i can bypass certificate pinning controls, right? When trying to...

Last updated: Dec 08, 2015 04:21PM UTC | 1 Agent replies | 0 Community replies | How do I?

Finding all forms on a site

Once a site is fully spidered, are there any ways to quickly the total number of the forms or login prompts on that site?

Last updated: Nov 27, 2015 03:37PM UTC | 2 Agent replies | 1 Community replies | How do I?

312 313
314
315 316

Page 314 of 322

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image