How do I? - Page 59 - Burp Suite User Forum

Configure authorization headers to test REST API endpoints

Hello, I have a project where i should automate pentests on REST APIs so using the BURP REST API with python i gave it the URLs with its endpoints and started the scanning but i noticed that in all requests sent it does not...

BCheck: Control HTTP Protocol (HTTP/1.0)

I've written a BCheck checking for IIS exposing internal IP addresses. The request is sent to certain locations and must be sent using HTTP/1.0 with no host header. I have the variable "potential_path" set to known...

Lock "Time" column position permanently on the left side?

I like "Time" column position to be on left side, just like Wireshark. So, I move it manually everytime I use Burp. However, whenever I close Burp and open it, the position return to the default which is on the right...

How to remove burp suite fully on debian/kali?

Hi, I found a hidden folder named ".burpsuite" in my /root folder after i removed burp's main program(.jar format) Aside from that,is there any others left folders or files on my PC?

Payload positions ("§") not set automatically anymore in intruder

Hello, My burp stopped to put "§" automatically on parameters' value when I send a request in Intruder. Would you know how can I re-enable it ? Thanks in advance !

JRE error

Your JRE appears to be version 17.0.8 debian burp has not fully tested on this platform and you may experience some problems

BurpSuite Error: failed to negotiate an SSL connection some applications

Hello everyone, I can successfully proxy Android applications using Burp Suite. However, when I try to proxy specific apps that I want to analyze, I encounter the 'failed to negotiate an SSL connection' error. I have...

i don`t give enterprise version

I can't get enterprise version i write to input my e-mail. he write:"Please enter a valid business email address". i write email this accaunt

Is it possible to get a refund for my Burp license?

Hello, so i am pretty sure i did turn off the automatic renew option of the Burp license, but i asked once for new burp licenses because i did setup my pc pretty often and maybe the automatic settings did get set again....

stream error

I am not unavable for last two months to openand use my burpsuite 2023 due to problem of STREAM ERROR PLS fix my problem

Automate grabbing value from response of one request to update part of URL in Intruder attack

When I make a request to website.com the Response contains a DynamicValue that I want to grab and automatically use in my intruder attack at website.com/path/DynamicValue/path2/. Is there a way to does this automatically...

Issue on Linux OS with ARM64 architecture

I am running Burp Suite Community Edition on a Linux OS with ARM64 architecture. I downloaded the latest version and stored the file "burpsuite_community_linux_arm64_v2023_7_1.sh". Then, I executed the following...

CA Not Works

Hi I want to configure burpsuite on my firefox, but it's not working. Only Http works and not Https. Active listener configured: https://i.imgur.com/j4Dk9Kv.png Proxy...

Unable to download burp community edition

Hi Team, Due to some reason the download for the community edition doesn't start. This happens even after clicking the "Try downloading again" link. Tried downloading an older version from the archives with NO success....

How to fix a corrupted project file?

Hey, I had a Burp session running when my laptop restarted itself overnight. After starting new session and choosing and existing project file which was in use before laptop restarted I get information that "selected...

How do I list more than 50 scans with the graphql query?

Hello, I am trying to generate a list of all my scans in Burpsuite Enterprise. I use this basic graphql query: query GetScan { scans { id status } } It is only retuning the last 50 scans, but I...

Scan a Site deployed on my local IIS

Hey am running into an issue, i have deployed my project on my localhost IIS and now i want to scan that. getting this Error "Connection Failed" when i run a pre-scan check. the site url is like...

Do we have these features with Burp

1. Does this support application performance testing (Number of virtual users etc can be created and tested the throughput) 2. Does this supports network and hardware vulnerability scans. 3. Any training video for...

Programmatically Open Burp files and run in-built functions

Hello team, We have Burp Pro license. I would like to programmatically open some .burp files that we have run the in-built "Analyze target" functionality to create reports automatically. Also, to programmatically open the...

Why is my exploit not working for lab: CORS vulnerability with trusted insecure protocols

My exploit works perfectly when I try it on myself but not when I click "Deliver exploit to victim". As far as I can tell mine is functionally identical to the official solution. This is mine: <script> if...