Burp Suite User Forum
Hi. I have a problem connecting Burp to my android phone. I've installed CA certificate, set the proxy of my local machine, but it doesn't work. On the computer, where Burp is running, all works good. I tried to run...
I'm trying to play with BurpSuite by attacking a local instance of WebGoat (intentionally-vulnerable web app at https://owasp.org/www-project-webgoat/) and am having some difficulty getting the proxy setup. I am on a...
Lab: Exploiting PHP deserialization with a pre-built gadget chain I kept receiving this error: PHP Fatal error: Uncaught Exception: Signature does not match session in /var/www/index.php:7 Stack trace: #0 {main}...
I cannot solve the lab in any way: I tried with Turbo Intruder applying the solution, but the result is that the GETs are never with status 200 I have only tried with Intruder with the same result I also tried using "...
Hi, I need to perform a salesforce scan and have configured the MFA to static code but still the login sequence is not working. Any help on this please.
hello. i gotta some problem. basically we hava a four license. and we repeated the license registration, formatting on several PCs. so now, we can't use to license. alert: no more activations allowed for this...
Hi Team, I wanted to if application have 2FA(login and OTP) how to configure Burp Enterprise for the same. I can only see authentication with simple username and password field to add in auth configuration in...
Hi Team, If i want to feed a list of REST APIs in a json file format, not URL, is it possible to do so in Burp UI and also via Burp API for automation. The objective is if a user uploads a json file with REST APIs, can...
Hi team, Can you please reset all my labs and lessons progress as I plan to start them again. My email id is ankursharma012@gmail.com regards Ankur
I dont know how to add X-Forwarded-For Header in burp suite and what is columns ? i need video for solution in Lab Username enumeration via response timing. thanks
How to get the license key to open burp suit.
Hi! Due to various restrictions, I know that I will never use a public collaborator address. When turning on burp, I always have to change the address to my self-hosted - which generates a few more clicks with each test. Is...
Is there a way I can create a match and replace rule that matches all 302 headers and modifies them to a 200 OK within Burp?
Hi, I'm working on the Cache Key Injection lab. It mentions that knowledge of other vulnerabilities such as parameter pollution, header injection in the response, and of course XSS is necessary to solve it. However,...
Hey, so the following is the case: I want to creae a burp image that has already been activated, since I need multiple containers from that image. I successfully did this by mounting the .java/.userPrefs/burp...
We need to download the URLs that we've scanned with Burp Suite EE. How do we do this? Is there an API query we can use?
Hi, I am using the current version of Burp Suite Professional. Currently, I am running Burp headless to scan our application, but I want to use crawler to find path without providing paths in the sitemap. I am looking...
Dear burp team, Unfortunately I have had to reinstall my laptop because a firewall rules and now when I try to install burp suite, I get the error "No more activation allowed for this license". Could you help me...
Hello, I just wanted to know if it was possible to sort result with multiple columns. For context, here is my situation: I'm doing a SQL Blind injection in a lab and want to sort my result in a way that first are the...
Hello sorry for the bother, i have wrote extension to send api request to burp to scan url but can't figure out how to send it to repeater or intruder instead as the scan keeps the task on going and i need it to run only...
Page 4 of 291
Your source for help and advice on all things Burp-related.