How do I? - Page 49 - Burp Suite User Forum

testing GitHub application --how to intesept traffic

hi Team I would like ask.In testing website you just intercept traffic by put Burp certification for browser setting HTTP Proxy 127.0.0.1 But how to testing GitHub application for example...

No more activation allowed for this license

Hi Team, While installing the license getting error "No more activation allowed for this license". Could you please help.

it's doesn't work when I check my browser proxy configuration

I have checked that the proxy listener is active and have configured my chosen browser. But when I visit the web page by Google Chrome and safari , the http history gets nothing.However, it's works on Firework! I don't know...

Scan via Intruder and update one parameter

Hello Team! Apologies for the vague subject...been trying to figure out a way to scan a JSON request but also updating a value to be unique upon each request. In general, I have a request like this: POST /foobar...

BSCP Exam with another account than I have Burp Suite Pro on

Hello, I have the BSCP exam voucher on my personal account but is using the Burp Suite Pro license provided by my work. So I have the pro version however it is not in the same account that I planned to take the exam...

Server side endpoint doesn't trust Burpsuite certificate

Hi there, I have an mobile application when it is not proxied I can view them normally. However, when I managed to successfully intercept the traffic, I can only see the request, the server side always returns 403. In...

burpsuite ram usage

burp is using high ram usage it takes all ram and the lab freezes it takes all ram after 1 minute of startup i'm using kali linux , i've tried a lot of solutions but i still have the same problem , plz help me i cannot do...

Want to see and modify the referer header.

I want to see and modify the referer header , but I am not able to view the referer header in the proxy -> intercept tab even when the box is checked in the match and replace settings for proxy. P.S. I am a beginner so may...

CORS vulnerability with trusted null origin: Origin header null for XHR request made from <iframe> with sandbox attribute

Hello everyone, I am doing Lab CORS vulnerability with trusted null origin and bypassing this using iframe along with sandbox attribute. I read this article but still find it confusing:...

Lab: H2.CL request smuggling

The H2.CL lab is not working for me as it should be. I'm trying to probe the application if it is vulnerable, but the test as described in the solution is not working. I get responses with http 200 and not 404. I attached...

More information on BChecks structure

Currently my created BCheck only shows the Advisory tab. I would like to also have "Request", "Response" and "Path to issue" like the dashboard but the documentation does not show how to do this. Is there a timeline for...

Lab: Broken brute-force protection, multiple credentials per request - Solved in a different way

Hello everyone, I would like to contact with someone in staff since I think I have found a different way to solve the Lab mentioned in the subject. It does not imply the json format; as a matter of fact imagine my face...

Use Dastardly with Session cookie or username and password

Hello, I read the documentation for Dastardly and I saw that you mentioned that Dastardly does not handle login procedures. Is it possible to add a command to use a cookie session or username and password? I am working with...

"Specify the details of the server to which the request will be sent burp suite"

Hi there! I am new to BurpSuite, and its an awesome program, but i recognize that i have one problem... Whenever i input page coda into a repeater, and try to "send" it, it comes back with a message saying "Specify the...

activation error

I have a problem with "no more activations allowed". Can I get assistance?

Burp Browser is not available in this execution mode

"Burp Browser is not available in this execution mode" I get this when i try to launch the Burp browser. What does this mean and how do i fix it?

Scan Event driven application in burp suite

Hi Portswigger team, Hope you guys are doing well. How do i scan an application that is event driven (to perform certain actions in a certain order in order to reach certain areas of the application?) using burp...

Audit items one at a time

Hi, I am trying to scan an application, & the application has a complex login sequence which I have recorded in the login script. The login mechanism contains 5-6 steps to log in the application. In the audit...

Crawling and auditing Application having captcha verification

How can I crawl and audit application having captcha verification during login

No more license activations allowed

We're doing another round of laptop refreshes at our company and we're getting the "No more license activations allowed" errors. Can we have this increased? Thanks!