Burp Suite User Forum
Even tough my payload is working on view exploit when I try to deliver it to victim it never solves the lab. Yes, I change the email before I deliver to victim. Check this Payload for Lab: Clickjacking with a frame buster...
How HARD, I try.. I am not able to resolve this lab... even after using multiple methods to solve this lab.... Cookie part is working.... Symmetric Key which is being created using .PEM public key which is not...
Hello Team, I have one general query. Changing a request query parameter to a different value and then getting a different result. As long as the data is something user should have access to then there isn't a problem...
I've seen on yt videos that if u sent a request in repeater then it will solve the lab. But when i sent a request in repeater it isn't showing the lab is solved
Iam unable to open Burp Browser from the burp suite community edition, as iam facing the error as Burp Browser Error, java.io.IOException: cannot run program and it is saying that system cannot find the file specified.
Hello, I have been working on the CSRF Labs and I'm having problem with the following labs: - Lab #5: CSRF where token is tied to non-session cookie - Lab #6: CSRF where token is duplicated in cookie issues For Lab...
Hi All, I am following the solution mentioned in the lab solution. In the last step when I change the :path to /admin, I get the following response, "HTTP/2 500 Internal Server Error Content-Type: text/html;...
Hi, I'm not sure if this is a bug or a feature but I'm observing the following behaviour when using the Burpsuite Enterprise scanner: When a scan finishes, in the Issues section contains the vulnerabilities found by the...
Hi Support, I would like to know how much (in USD) does it cost to renew my current Burp Suite Pro license?
I understand that Burp automatically checks if the session is invalid and restarts the login process accordingly. However, is there a way a user can change what would be considered "invalid session". The application I am...
I have been trying to access portswigger CSRF lab "SameSite Lax bypass via cookie refresh" since yesterday but, it keeps throwing 504 gateway timeout - "the server didn't respond in time".
Hi Supporters, I have a few PC installed Burp Suite and some of them got reinstalled recently Today I do activate Burp Pro and I encounter a message "No more activations allowed for this license". Could you please help...
good day. how can I set up a test exploit server or if there is any option online that can be used to test the http atacks part. Cheers...
My license expired in just two days! It's curious because I didn't use Burp Pro until now. Now, I can't use it anymore because there's no valid license for me. And I paid for it! Congratulations! I believe I still had more...
As i tried to scan the URL scan got aborted with following error 1654690424690 Info Task 11 Paused due to error: Could not connect to any seed URLs. 1654690423985 Info Task 11 Crawl started. 1654690242653 Debug Task...
I ran an active scan using Burp. The scan was abandoned due to multiple errors. I would like view the error logs so that I could figure out what went wrong. How do I check these errors?
Hi, Can BurpSuite Enterprise Edition forward findings to Security Hub or Defect Dojo after it finish to run the scan in a CICD pipeline?
I am using Burp Enterprise. I've installed it in silent mode with a response.varfile which contains the db username and password. I have an external database server whose password I would like to change after burp is...
Have been working on the clickjacking labs however it looks like cookies are not being passed to the iframe - when framing the site the my-account page is being redirected to the login page. I did these labs a couple of...
Hi, I am currently using Burp Pro REST APIs to trigger DAST scans. I have noticed that if a finding is reported by the current scan, then it will not be reported again if I trigger the scan on the same URL again. I think...
Page 4 of 322
Your source for help and advice on all things Burp-related.