How do I? - Page 73 - Burp Suite User Forum

Generating HTML Report When burp has been executed from commandline and doing live passive scan

My requirement is to do a passive scan (command line) while my Selenium Functional UI tests are been executed and post execution Generate an HTML Report of all the Issues encountered. Following steps I have managed to...

Burp browser keep loading for ever

Hi when I practice on site like https://www.google.com/ and intercept is on the browser keep loading for ever why is that ?

Cannot activate license key

I received an email saying "You've been assigned a license key for Burp Suite Professional". It said to log in to my PortSwigger account, download my license, and the download the latest version of BurpSuite. I downloaded...

How do I get "pretty print" in my Custom Request Editor Tab

Hello, I am implementing a Custom Request Editor Tab to handle deserialized data. I am following your guide here:...

gRPC proxy from Postman

Hi, I have a gRPC service that is hosted both locally and remote server. I was able to get the API calls to postman. However, when I try to proxy postman via burp, I'm getting following errors, localhost...

"Lab: 2FA bypass using a brute-force attack" working correctly?

Hello guys, can someone confirm that the lab "Lab: 2FA bypass using a brute-force attack" is working correctly? I've actually done everything exactly the same as stated in the solution, but with no luck. I've...

Learn properly as a beginner im really struggling with this

I am really struggling with all of the labs as a beginner but really want to learn what can i do? shall i watch you tube videos instead or any advice thank you

Lab: CL-TE request smuggling lab is not working with the official solution

POST / HTTP/2 Host: 0a6f004904bb0b7282f5067100c70057.web-security-academy.net Content-Type: application/x-www-form-urlencoded Content-Length: 6 Transfer-Encoding: chunked 0 G I am referring to your March 14th,...

LAB - Stored XSS into anchor href attribute with double quotes HTML-encoded

I am getting the alert pop-up for lab "Stored XSS into anchor href attribute with double quotes HTML-encoded", but i am not getting any congratulation message nor the lab is showing as solved.

This site can't be reached

I am using ios software version 13.6. i install burp certificate as well. when i open browser and try to search its intially showing some gui then after sometime its shows this error.This site can't be reach.

Burp license activation issue

Hello Team, We have bought 4-user license for BurpSuite Professional but we could only activate 2 licenses and we are getting error as "No more activations allowed for this license when tried to activate license for 3rd...

Out of scope requests still showing up

I thought I changed all the settings to get burp to only intercept requests for the target. However, other requests from outside of scope are still being intercepted. I have to click through all these requests and it is...

Where are the burp enterprise logs located for auditing the own logins/deleted scans/modified scans ?

Is there a file where is saved who try to log the burp enterprise web server with all the information about ip source and what user and password he tried. Also what user and ip source deleted an scan or modified...

Practice test

I am not able to load the practice test in my virtual machine but I'm able to load it on my host machine. I need to load it in my virtual environment so I can use burp proxy.

Exploitation of Cross Site Scripting via Burp Suite

Hope you are doing well We are using Acunetix Web Application Scanner for Vulnerability scanning we have scan our target application and get the below result of cross site scripting...

Lab: SSRF via flawed request parsing

Hello. I am very confused with this lab. I originally thought I was doing this lab correctly but when I ran my intruder attack the status codes and content length were all the same indicating that none of my requests has the...

Burp Intruder

I'm trying to troubleshoot my Burp Suite pro intruder scan. It is running slow, and I get errors on several request. how can I fix it?

Send the email submission request to Burp Repeater, add "roleid":2 into the JSON in the request body, and resend it.

how do i change the role-id once i have sent the request to repeater and in response the role-id is 1. please mention the step to complete this Lab(Access control parameter based) and Yes once i complete the labs i get...

Want to reset all my labs.

As it was long time, I need to try all the vulnerabilities which I did before, so please can you help me with this.

Differeces between Dastardly and Burp Scanner

Hi, I'm studying some DAST solutions to use in the pipelines of my company and see that PorSwigger provides two options for that: Dastardly and Burp Scanner. Can someone tell me more about the differences and pros and...