Burp Suite User Forum

Create new post

Detection of Cross Site Scripting

I recently used Burp Suite to perform a XSS scan. A reflected XSS vulnerability was reported. When I reviewed the request and response I noticed that the supplied input is exactly echoed in the output. Case 1 Two inputs...

Last updated: Apr 15, 2015 08:36AM UTC | 1 Agent replies | 0 Community replies | How do I?

Form Submission

I am spidering a website and opted for manual form submission. Question 1: In the submit form dialog, I can see hidden fields also expecting an input from us (there is no default value as well). In a typical browser...

Last updated: Apr 15, 2015 08:28AM UTC | 1 Agent replies | 0 Community replies | How do I?

Utterly unclear on the purpose of spider

My impression is that spider expands the sitemap as it crawls, aided by its form submission abilities, etc. But after I spider my entire host, I notice that manual active scanning the entire host does not make a...

Last updated: Apr 15, 2015 08:20AM UTC | 1 Agent replies | 0 Community replies | How do I?

save proxy message

is it possible to save request and response contents into file programmatically ? like manually we can do by HTTPHISTORY tab->right click and select save item to save the message contents into specified file can it be done...

Last updated: Apr 13, 2015 08:10AM UTC | 1 Agent replies | 0 Community replies | How do I?

Scanner Starts Fast But Slows to a Crawl

I have a small website for which I'm attempting an active scan. There are about 120 items in the scan queue. It starts out quite fast for the first few minutes. But after about 10-15 minutes, the scan requests slow to a...

Last updated: Apr 13, 2015 07:58AM UTC | 2 Agent replies | 1 Community replies | How do I?

Integrate BurpPro with late-model kali linux (@ kali.org)

I download and use kali linux and keep current with their updates. It has the burp suite already. 1. If I purchase the PRO version (@ $299/yr) as I'd be the only person using it... how do I install it into kali? Is...

Last updated: Apr 09, 2015 04:43PM UTC | 1 Agent replies | 1 Community replies | How do I?

Insert Images

How to insert images when I am making a public post in the new version of the forums ? In the previous version of forums/board I was able to insert, but this one I am not able to do so. Please help me.

Last updated: Apr 08, 2015 01:10PM UTC | 1 Agent replies | 0 Community replies | How do I?

How Do I view if the Burp CA is installed in iOS 8?

Hi, How do I view if the Burp CA is installed in iOS 8? In iOS 7 I could do it under General -> Profiles but in iOS 8 this screen has gone. Thank you

Last updated: Apr 01, 2015 03:58PM UTC | 3 Agent replies | 2 Community replies | How do I?

socks support

hello everyone! I m stuck here ..nowdays it s almost imposible to test something without changing ip from time to time that s why i want to ask you is there any support for burp like Multiple proxy support (each request...

Last updated: Mar 30, 2015 07:51AM UTC | 2 Agent replies | 1 Community replies | How do I?

How Do I read the burp saved state.

I need to extract some information from the saved burp state file. The burp state file is in zip format. So I'd unzipped the file and it contents xml. For some reason none of the php xml reader is able to read the...

Last updated: Mar 26, 2015 10:17AM UTC | 2 Agent replies | 1 Community replies | How do I?

Command Line for Resetting User Settings in Burpsuite

Dear Support, I occasionally have issues with Burpsuite locking when I try to load it. There is a command line option for resetting user defaults, but I cannot remember it. It was something like --reset-defaults or...

Last updated: Mar 26, 2015 08:48AM UTC | 1 Agent replies | 0 Community replies | How do I?

Need to know how to use this tool

Hi Guys, i want to know how to use burp suite, sql injection, xss validation, content type incorrectly used,etc.. any one can teach me with the free edition of v1.6 Thanks in advance

Last updated: Mar 25, 2015 09:14AM UTC | 1 Agent replies | 0 Community replies | How do I?

How to use burpsuite with IE automatic configuration script option

Hi, I could not able to configure burp suite with browsers. If I use manual connection settings in browsers,I could not load any site.Because my company need to use : Internet Explorer -> Option -> Connection -> LAN...

Last updated: Mar 24, 2015 09:08AM UTC | 1 Agent replies | 0 Community replies | How do I?

Intercept requests made from excel

I am clicking a link in a excel cell. Tell me if i can intercept thst using Burp. I have a Burp Prof license

Last updated: Mar 12, 2015 12:17PM UTC | 1 Agent replies | 0 Community replies | How do I?

Can we Test ThickClient build using C++ running on TCP Protocol

Hi, We are pen-testing Thick-client application developed in C++ running on TCP protocol using Winsock controls. I have tried changing the following >> Under proxy tab modified Options...

Last updated: Mar 12, 2015 04:30AM UTC | 1 Agent replies | 1 Community replies | How do I?

Encountered a trouble when setting https proxy in os x 10.10 for firefox

I've read this aritcle(http://portswigger.net/burp/help/proxy_options_installingCAcert.html) and followed the instructions of the firefox section. But when I browsed twitter, it told me: "Unable to Connect...

Last updated: Mar 12, 2015 02:30AM UTC | 0 Agent replies | 1 Community replies | How do I?

Received fatal alert: bad_record_mac

When https request is proxied via burp, bad_record_mac error is shown in Firefox. Alerts tab in burp shows - javax.net.ssl.SSLException: Received fatal alert: bad_record_mac

Last updated: Mar 08, 2015 08:27PM UTC | 3 Agent replies | 3 Community replies | How do I?

Usage of ssl certificates

Hi, i have an address that is a restful service that requires an SSL cert inorder to access it the address starts as: https://certapi.t6.lmuk.local/ Please note: -This is an internal address the available to external...

Last updated: Mar 04, 2015 02:13PM UTC | 1 Agent replies | 0 Community replies | How do I?

Invalid client request received: Dropped request looping back to same Proxy listener

Getting the above error when trying to connect to WebGoat using port 8080 on my local host through Firefox. I've set up the Firefox proxy for localhost port 8080 and the same on Burp. Saw another post with the same...

Last updated: Feb 25, 2015 09:28AM UTC | 1 Agent replies | 0 Community replies | How do I?

Set one cookie equal to another in intruder

I have a situation where a cookie is set in Javascript so it's not coming up under the "set cookie" header for handling in macro's. For this post I'll refer to this cookie as "window". No problem - I know the value is always...

Last updated: Feb 24, 2015 08:57AM UTC | 1 Agent replies | 0 Community replies | How do I?

Page 319 of 320

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image