How do I? - Page 6 - Burp Suite User Forum

License activation

Hey, I try activating my license and it says "no more activations allowed for this license". I've had 3 different laptops at this job, this being the third, and I need burpsuite pro. Not sure how else to solve this problem...

I don't understand business logic vulnerabilities image example in the web

In the portswigger web-security section: https://portswigger.net/web-security/logic-flaws The following image is used to describe the business logic...

Bypassing access controls using email address parsing discrepancies

I have tried every technique outlined in the paper and have tried both collaborator link as well as email client address. I have no feedback outside of status messages. I have gotten Blocked due to Security Reasons and...

reset lab progress

Hi there support. Can you please reset all my lab progress? Thanks in advance.

Using Burp's built-in browser to visit website but no traffic is showing up in target/proxy

Hello, not sure what I am doing wrong but I am using Burp's built-in Chromium browser to visit a website that I want to do some testing on and nothing is showing up in the traffic history. It doesn't matter what website I...

Academy Reset Labs

Hello, Can you please reset my progress on the labs and learning materials?

To reset all my progress labs

I want to solve again all lab so reset my all lab that i have solved

Issues on the proposed solution to Lab: Forced OAuth profile linking

I have tried both iframe and img tabs in burp's browser and others. I have tried switching to incognito, but that doesn't help either. I have tried multiple ways to deliver the payload, but it seems like the user doesn't...

Lab: HTTP request smuggling, basic TE.CL vulnerability

Hello! Can you help me understand one interesting moment in this lab? In this lab, smuggling request will be succesful. POST / HTTP/1.1 Host: 0a5e00970446a1b38002d12d005f0084.web-security-academy.net Sec-Ch-Ua:...

Issue with Collablorator

Below mentioned is the health check of my burp collaborator, I am using v2024.7.6. Initiating health check Server address resolution Success Server HTTP connection Error Server HTTPS connection (trust...

cannot access labs

Burp Suite Community Edition Error Could not create new HTTP/2 connection

What can i do to resolve this issue "Secure Connection Failed"

I am using firefox in kali linux,i have imported my certificates and also configured my browser...all went well yesterday i was able to accesse both HTTP and HTTPS sites..but all of a sudden when i used it today it shows the...

no more activations allowed for this license

Hi team, could you please help on this issue.

API Scans

Hi everyone, how are you? I trying to scan API in my environment, and I have a question. I've already run scans on a few different APIs, and I haven't gotten any significant results from any of them, and the scans only...

Exploiting an API endpoint using documentation Lab Trouble

I am trying to complete the first exercise in this lab and whenever I try to update the email I get the error - `undefined: Malformed URL: query only supported with GET (undefined)` Is something wrong with my burp...

Cloudflare issue

I am having an issue when proxying traffic between a mobile app and a back-end server that is behind Cloudflare. The error is: 'The client failed to negotiate a TLS connection to x.x.x.x:8080: Remote host terminated the...

Is there some different configurations required for intercepting Flutter and ARM based mobile application

I'm not able to intercept the traffic of the ARM android application, however i can clearly see traffic passing via wireshark. The application does not have ssl pinning and burp is properly configured with emulator as i'm...

Flutter Based Android Application Traffic Interception

Can you give a suggestion that how can I intercept the traffic for flutter based android application with burpsuite. Note that It doesn't have SSL Implementation in the application. Please suggest me a solution for...

How to use burp with flutter based Android applications

Any tips while pen-testing Flutter based Android apps? Since it ignores system proxy and user/system CA certificates you cannot use burp suite easily.

unable to access The web application hackers handbook link

hello everyone, I am reading and practicing from the portswigger academies The web application Hackers handbook. If you are a old user of portswigger academy you know that in early time the url to access this was like...