Burp Suite User Forum

Login to post

Open more than one instance on Mac

Hello, I'm a new Mac user. When I was on Windows, Burp files got too large, so I'd refer back to the older file by opening it in a new instance. I can't find how to do that on Mac. I'm stuck with only one instance. Does...

Last updated: Nov 07, 2022 07:15AM UTC | 1 Agent replies | 0 Community replies | How do I?

How can I explain to the customer about false positive (Command Injection Fortify), Can you help me?

private void carregarProps() { props = new Properties(); FileInputStream file = null; try { file = new FileInputStream( ...

Last updated: Nov 04, 2022 01:56PM UTC | 0 Agent replies | 0 Community replies | How do I?

Active Scan issues

Hi Team, I am using Burp Suite Professional version. The application which I am testing has a multifactor authentication which is quite complex. So, as to scan the application I have used recorded login sequence. While...

Last updated: Nov 04, 2022 01:56PM UTC | 1 Agent replies | 0 Community replies | How do I?

Turbo Intruder CLI java.lang.NullPointerException

Hi, i used this: java -jar turbo-intruder-all.jar sc.py req.txt https://www.google.com foooo and output is: Please note that Turbo Intruder's SSL/TLS handling may differ slightly when run outside Burp...

Last updated: Nov 04, 2022 09:50AM UTC | 0 Agent replies | 0 Community replies | How do I?

Is it possible to intercept CLI requests without exporting http_proxy?

Hello, Is it possible to intercept CLI requests without exporting http_proxy?

Last updated: Nov 04, 2022 09:10AM UTC | 1 Agent replies | 0 Community replies | How do I?

How do you know which machine/ip initiated the request when viewing target->site map info?

I'm running automated tests on 4 machines that are going through the Burp proxy, and when looking at the request, I was wondering which machine/ip initiated it. I don't see this info anywhere. Is it not something that gets...

Last updated: Nov 03, 2022 04:16PM UTC | 2 Agent replies | 1 Community replies | How do I?

burp_infiltrator_java

hi Team Do you have any movie how to use infiltrator.I created file but this file should be insert in testing website or on my computer disk. I'm not smart person sorry.

Last updated: Nov 03, 2022 02:41PM UTC | 4 Agent replies | 3 Community replies | How do I?

reCAPTCHA not appearing when using Burp as a proxy

When using Burpsuite Pro as a proxy the reCAPTCHA is not appearing on my client's form, and I can't submit requests. I am wondering if there is a Burp setting I need to set, or if there is a security feature in reCAPTCHA...

Last updated: Nov 03, 2022 12:54PM UTC | 7 Agent replies | 7 Community replies | How do I?

No more activations allowed for this license

Hi, I tried to activate my Burp Suite Professional license on a new VM but encounter "No more activations allowed for this license" error. Could you help provide some additional activations? Thank you.

Last updated: Nov 03, 2022 07:52AM UTC | 1 Agent replies | 0 Community replies | How do I?

Invoke a Burp extension for every proxy request

Hi, I want to invoke the "Content-Type Converter" Burp extension for every in-scope request that goes through my proxy. Is there anyway I can achieve this without having to write another extension? In this case...

Last updated: Nov 02, 2022 03:08PM UTC | 7 Agent replies | 8 Community replies | How do I?

Weird Characters in Request Data

While intercepting an android application data i get this weird character in the request. I have installed the certificate on the system of the android device and i can bypass SSL pinning but i get this when i try to do a...

Last updated: Nov 02, 2022 02:17PM UTC | 1 Agent replies | 8 Community replies | How do I?

When this Burp Suite Certified Practitioner exam for 9$ offer will expire?

When this Burp Suite Certified Practitioner exam for 9$ offer will expire? Will this voucher be valid for 12 months as you specified on the faq page?

Last updated: Nov 02, 2022 11:09AM UTC | 3 Agent replies | 2 Community replies | How do I?

Some requests have no response in the site map, is this a mis-config issue or a problem?

I'm running automated tests on 4 machines through Burp, and most of the request are getting responses, but I'm noticing many that are not. I only do this kind of test every year or so, and with all the changes to Burp...

Last updated: Nov 02, 2022 10:16AM UTC | 1 Agent replies | 0 Community replies | How do I?

How do I intercept cli without exporting the environment variables?

Hi, How do I intercept cli without exporting the environment variables? i.e. export http_proxy=http://127.0.0.1:8080? Thanks.

Last updated: Nov 02, 2022 08:50AM UTC | 2 Agent replies | 1 Community replies | How do I?

Microservices scanning

Does Burpsuite professional has the capability to scan Microservices? If yes, kindly provide some details on how to scan microservices.

Last updated: Nov 01, 2022 04:41PM UTC | 1 Agent replies | 0 Community replies | How do I?

Configure Burp to avoid untrusted connection message

Hi, I am trying to use burp suite with kali and for some reason when using the proxy i can't intercept any site due to untrusted connection message.Adding security exception does not help, also tried exporting and importing...

Last updated: Nov 01, 2022 01:21PM UTC | 11 Agent replies | 16 Community replies | How do I?

Burpsuite Enterprise Graphql Query

Hello, I am trying to create a new scan configuration via GraphQL API. The graphql has no error but I am getting one still. Query : mutation CreateScanConfiguration { create_scan_configuration( input: { ...

Last updated: Nov 01, 2022 10:09AM UTC | 2 Agent replies | 2 Community replies | How do I?

Set the significance level for a Sequencer

Hello, I read the following article https://portswigger.net/burp/documentation/desktop/tools/sequencer/tests and I can't seem to find any documentation regarding setting the significance level. Thanks

Last updated: Nov 01, 2022 08:56AM UTC | 1 Agent replies | 0 Community replies | How do I?

Finding Sensitive API Keys

Dear all, I have just started using the burp suite and bug hunting in general. While reviewing a site, I noticed that some API keys, including NREUM and Bootstrap are exposed. I am trying to find vulnerabilities and could...

Last updated: Nov 01, 2022 08:35AM UTC | 1 Agent replies | 0 Community replies | How do I?

Proxy not working as expected with certificate-enabled website

Hi all, So I have a website that I'm attempting to delve into...let's call it "https://stupid.com/target". The website requires a selected client certificate when you first visit the page (which I have imported into the...

Last updated: Nov 01, 2022 05:56AM UTC | 2 Agent replies | 2 Community replies | How do I?

Page 5 of 255

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image