Burp Suite User Forum

Login to post

Web pages don't load through proxy, is this normal?

My problem is something I expected to be rather common, but apparently not. I have set up Burp Suite with Firefox and have used all the correct settings, and it is connecting to the proxy on 127.0.0.1:8080. The Burp Suite...

Last updated: Dec 23, 2021 11:20AM UTC | 15 Agent replies | 19 Community replies | How do I?

LAB: Exploiting HTTP request smuggling to perform web cache poisoning

Hello everyone! Im having troubles with this lab. I tried even to follow the youtube videos to get with the solution and not even that helps. Im getting a 400 and {"error":"Invalid request"} I tried also to switch...

Last updated: Dec 23, 2021 12:43AM UTC | 4 Agent replies | 5 Community replies | How do I?

Digest Auth in Burp was removed?

Hi, What happened with Digest authentication support? https://portswigger.net/burp/documentation/desktop/options/connections "Supported authentication types are: basic, NTLMv1, and NTLMv2" In the previous versions...

Last updated: Dec 22, 2021 12:18PM UTC | 4 Agent replies | 5 Community replies | How do I?

Any Solution to "Network Protocol Error" in Firefox while Using Burp!

Hi Guys, I've been seeing an error on some websites while using burp the error on firefox goes like --- Network Protocol Error An error occurred during a connection to target.com. The page you are trying to...

Last updated: Dec 22, 2021 11:31AM UTC | 1 Agent replies | 0 Community replies | How do I?

scanning ip ranges ?

Hello, given we have set of ip ranges to scan. how i can do with burp to set different ip ranges in the target scope ? can someone advise ?

Last updated: Dec 22, 2021 08:18AM UTC | 1 Agent replies | 0 Community replies | How do I?

Find and replace with $ sign in replace not working

I am attempting to use find and replace to replace the user agent string with a jndi payload. However the dollar sign in the replacement string causes the replacement not to work. For instance: Match:...

Last updated: Dec 21, 2021 07:19PM UTC | 2 Agent replies | 2 Community replies | How do I?

Browser doesn't load any page

burp's embedded browser doesn't load any page. I tried with intercept off and on and I checked the proxy setting. after starting to load a page after a few seconds loading stops and there is a white screen on the browser

Last updated: Dec 21, 2021 06:58PM UTC | 2 Agent replies | 1 Community replies | How do I?

Stop scan

I need to stop scan on paticular GET/POST keyword. If web page says: "Error. Could not find..." I want previous GET/POST. To stop at that message.

Last updated: Dec 21, 2021 10:44AM UTC | 4 Agent replies | 3 Community replies | How do I?

Upgrade Burp Enterprise, Linux Distro

Would anyone have a link to detail the steps in upgrading Enterprise Edition within a Linux environment? My current version is; 2021.12.1-8680, Java version: 11.0.10 Any advice appreciated.

Last updated: Dec 21, 2021 10:02AM UTC | 1 Agent replies | 0 Community replies | How do I?

GraphQL mutation for extensions

Does graphql support mutations of a given site to add an extension?

Last updated: Dec 21, 2021 09:13AM UTC | 1 Agent replies | 0 Community replies | How do I?

Can my employer purchase the exam for me?

How can my employer purchase the exam for me? Don't you have something like a voucher system or can you email us a quotation?

Last updated: Dec 21, 2021 08:59AM UTC | 1 Agent replies | 0 Community replies | How do I?

Is there some different configurations required for intercepting Flutter and ARM based mobile application

I'm not able to intercept the traffic of the ARM android application, however i can clearly see traffic passing via wireshark. The application does not have ssl pinning and burp is properly configured with emulator as i'm...

Last updated: Dec 21, 2021 08:14AM UTC | 1 Agent replies | 0 Community replies | How do I?

Cannot access the web security lab

I can not access any lab on your website using Microsoft Edge. When i click "Access the lab", it shows the error message is "ERR_CONNECTION_TIMED_OUT". I tried another device and browser but they have the same issue. Can...

Last updated: Dec 21, 2021 08:12AM UTC | 2 Agent replies | 2 Community replies | How do I?

plaintext password

Hi there, if I capture a login request and view a password in plaintext form, would this indicate a vulnerability? Considering that if you capture it in some applications like facebook it will appear encrypted.

Last updated: Dec 20, 2021 02:19PM UTC | 1 Agent replies | 0 Community replies | How do I?

Scan DIV class

Hi! I need to scan just a part of web page - DIV class. This class is changing time to time, and I want to find how and when it changes. It shoud be random, but I don't think it is. For example, clock on web page changes...

Last updated: Dec 20, 2021 01:40PM UTC | 2 Agent replies | 2 Community replies | How do I?

Burp Pro isn't intercepting HTTP requests from Terminal

Hello, I am using Burp Pro and it doesn't intercept any HTTP request from Terminal on my macOS. Help me, please. Thank you.

Last updated: Dec 20, 2021 11:54AM UTC | 1 Agent replies | 0 Community replies | How do I?

How do i restore an automatic backup of internal database on Burp Suite Enterprise?

I dont find the way to restore a backup of embedded database of BurpSuite Enterprise. Thanks in advance.

Last updated: Dec 17, 2021 05:13PM UTC | 2 Agent replies | 1 Community replies | How do I?

Why simple quote is necessary in SQL Blind Injection using TrackingID?

I'm in first lab of Blindd SQL Injection and payload for test is: TrackingId=xyz' AND '1'='1 Why is necessary this quotes in '1' and '1?

Last updated: Dec 17, 2021 02:51PM UTC | 1 Agent replies | 0 Community replies | How do I?

Questions about licensing

Hi. Please let me know about the license of Burp Suite. I am aware that the Burp Suite license is to be installed on the device after purchase, but do I register an account with the user of the license? Since the user...

Last updated: Dec 17, 2021 11:11AM UTC | 2 Agent replies | 1 Community replies | How do I?

Would Burp Suite Professional detect log4j vulnerability?

We use Burp Suite Professional for regular scans of our application. Is there a guarantee that the scan tests for the log4j vulnerability?

Last updated: Dec 17, 2021 08:45AM UTC | 1 Agent replies | 0 Community replies | How do I?

Page 5 of 214

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image