How do I? - Page 4 - Burp Suite User Forum

Microsoft login giving bad request with burpsuite

I am testing an application that utilizes microsoft login. At some point, microsoft login starts to give 400 bad request error for request GET login.microsoftonline.com/common/discovery/instance and the microsoft login page...

Reset my all lab

I want to solve again all lab so reset my all lab that i have solved

Burp browser is not available

Hi, I encountered this error message "Burp browser is not available" when I tried to launch burp browser on my Kali Linux that is running on raspberry pi 5. Please advise what can I do to resolve this? The burpsuite...

I want to use my license in my virtual machine

Is there any way so that i can switch the burp license between machines if required, as I am getting limit exceed while activation on my vertual machine as I have already activated on base machine

Couldn't upload my project file for BSCP

Hello, I just completed the BSCP exam but I was unable to upload my project file. It doesn't seem like I have the option available to upload now. Is there a way for me to still be able to provide that?

Exploiting NoSQL operator injection to extract unknown fields -- What am I missing?

I found a hidden field and (after a lot of effort) extracted what would seem like a key value for said field... but for the life of me, can't figure out how on earth to use it... tried putting into header, cookie, using it...

Burp's browser / Renderer is not working. How do I fix this?

I ran a health check for Burp's Browser and I got the following error: Checking headless browser: Error Aborting checks due to errors. net.portswigger.browser.Zyg: No dev tools websocket output from local chromium...

Active scan creates thousands records in my DB.

Hi. I have a problem when I run a test that has a record insertion function. When I launch the Active scan it creates thousands of real records in the DB. I think that Burp is a "simulator" of hackers and as such should not...

Unable to reactivate my license, even after removing it from one of the virtual machine

Hi Team, I had added my license for more than 1 VMs and was trying to add it to another VM as well for my usage but unable to do so. It throws error message "No more activation is allowed for this license". I...

Reset licence activations

Hi, my team recently got some new pentesting machines, and across these and the multiple VMs we each have to use (a remote one, plus 2 on the machine) we're worried about the number of activations on our licences. Is it...

Send input parameter to external script

I'm looking for ways for me to actually right click on part of a screen like repeater tab or intruder tab, right click -> send to a custom extension. The extension will actually take in an input parameter, from the text...

Private collaborator deployment

Hi, I am trying to deploy a private collaborator server and I am having some trouble. The server is getting a "We communicated with the collaborator, and appeared to successfully record events, however when we attempted to...

Script for fixing ysoserial erros

Hi, This is for those who are getting errors when using ysoserial. I found this script which is very helpful: https://gist.github.com/JorianWoltjer/5210e99c13189446ece5ffe3e9fe3d90

how to reset all labs

how to reset all labs in my id how to do

How can I confirm the current users who assigned to my Burp Suite Professional Licenses?

I have two user-licenses of Burp Suite Professional. I have assigned a person to a license of Burp Suite Professional. Now I tried to assign a new person to the license. But I couldn't do with following...

Burp Suite Certified Professional

Hi Team, Do I need to solve all the labs to get access to the exam or can i take my exam.

Lab "Clobbering DOM attributes to bypass HTML filters" is not getting solved

Below exploit is working for myself and getting the popup but when delivering this to victim then lab is not getting solved. Payload: <form id=x tabindex=1 onfocus=alert(1)><input...

LAB "Reflected XSS into a template literal with angle brackets, single, double quotes, backslash and backticks Unicode-escaped" is not getting marked as SOLVED

I am injecting below XSS payload and getting the popup with domain mentioned in it. https://0a36008e04cdc01a80cec72700990053.web-security-academy.net/?search=test%20${alert(document.domain)} Also, tried with...

how do i renew organization Burpsuit account

HI Team , Please help with the process for renewal of burpsuite account. We have due to on 11 Oct 2024

Burpsuite Professional Open Problem

Dear Team, After purchasing the licence key for burpsuite professional I have received a mail like "Your Burp Suite Professional license key has been renewed" and also they mentioned points like Just follow the steps...