How do I? - Page 5 - Burp Suite User Forum

SQLi Intruder Payloads - Determine which payload has external interaction

Given a page that is vulnerable to OOB SQLi. Let's say that I run this through intruder using the SQLi payloads. How can I tell which payload triggers the external interaction? In order to setup Intruder I choose a...

Website Dark Mode

How do I turn on Dark Mode in PortSwigger Website?

Exploit Server

good day. how can I set up a test exploit server or if there is any option online that can be used to test the http atacks part. Cheers...

Delete my account

How i can delete my account on portswigger.net?

Error while lauching browser from burp suite

Hi, I am seeing error when launching browser from Burp Suite. Please find the details at below and kindly provide the fix if available. "net.portswigger.devtools.client.impl.connection.local.f: Failed to read dev tools...

Blind SQL injection with conditional errors

I'm currently using the version v2023.1.3 of Burp Suite. I've tried so many ways to complete the task 'Blind SQL injection with conditional errors' but none of them works. Does anyone know an updated method to complete this...

Lab: CORS vulnerability with basic origin reflection

why do i see this message in firefox when i click on view exploit but sending it to victim works. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 401. code: <script> ...

reset all labs

hi could you reset all my labs to unsolved state

Error resolving polling server address in private Collaborator

Hi - I'm having an error resolving the polling server address, but not the server address. They are the same thing. This is the netstat output - tcp 0 0 127.0.0.53:53 0.0.0.0:* ...

Burp Suite Pro is throwing error while installation in Kali-Linux

Hi, Today i have purchased Burp suite pro and when i am installing via command prompt then getting error like below sudo sh ./burpsuite_pro_linux_v2023_1_3.sh Unpacking JRE ... Starting Installer...

The client failed to negotiate a TLS connection to [domain]: Remote host terminated the handshake

Hello! I encountered a problem when testing a mobile application on Android. Cannot capture traffic of the mobile app, the log shows an error "The client failed to negotiate a TLS connection to [domain]: Remote host...

Lincense Key

Unable to find the licenses key on my account. Please share the details.

Lab: Forced OAuth profile linking - Internal Server Error

Hi Team, I was solving the above mentioned lab and after the step 10, when I click the "Deliver exploit to victim" it shows internal server error. I followed the steps given in the Solutions as such and also referred...

BurpSequencer

I would like to know the logic for calculating the entropy of a random number test by BurpSequencer.

Secure Connection Failed error in Firefox while accessing https site through BURP suite

Hi, I am trying to access https sites in Firefox using Burp Suite Pro. On trying to access sites like google or any other https websites I am getting below error, Secure Connection Failed An error occurred during a...

I cannot download the license key.

I purchased a 2 license, but Your Subscriptions in My Account shows 「Access for license key holder only」 and I cannot download the license key.

Am I allowed to also activate my licens on my home computer

Hi, I have a proffesional Burp Suite licens that I use in my work on my machine provided by my company. The license we have is a 4 person license, I am wondering if I could activate my license on my private computer at home...

Active scanning the application having OTP as 2FA

Hi Team, Is there any way where in we can scan an application which uses OTP as 2FA? The Mobile device we can use the hardware or a simulator as well. If not already available as of now in Burp, can you please guide...

Clickjacking labs are not getting solved

I am trying to solve the clickjacking lab from Portswigger academy. I have made all the alignments according to the lab but still, it is not solved. LAB #1: Basic clickjacking with CSRF token...

Collaborator HSTS Support

When using a private Burp Collaborator, is there a way to add HSTS to to collaborator config?