How do I? - Page 79 - Burp Suite User Forum

Active scanning the application having OTP as 2FA

Hi Team, Is there any way where in we can scan an application which uses OTP as 2FA? The Mobile device we can use the hardware or a simulator as well. If not already available as of now in Burp, can you please guide...

Clickjacking labs are not getting solved

I am trying to solve the clickjacking lab from Portswigger academy. I have made all the alignments according to the lab but still, it is not solved. LAB #1: Basic clickjacking with CSRF token...

Collaborator HSTS Support

When using a private Burp Collaborator, is there a way to add HSTS to to collaborator config?

No more activations allowed for this license after renew

Hi, I tried to activate my Burp Suite Professional license on a new VM after renew the license but encounter "No more activations allowed for this license" error. Could you help provide some additional activations? Thank...

How to fix window location href vulnerability

How to Fix the below XSS attack? window.location.href= window.location.href;

Labs - Clickjacing attacks

Hello! When I tried to solve the "Clickjacking" academy labs, I got an error message when tried to see my exploit in the exploit server. I got only this message ""Resource not found - Academy Exploit Server" error...

Not able to load https site

I am not able to load the https sites. I have successfully installed the Burps certificate but still am not able to resolve the problem. However the sitemap is getting populated by the https site i am navagating.

BURP simply won't intercept a specific request (bug/"how do I")

Hello, In the course of analyzing a web application, that application makes a GET request to a URL in the form of https://application.whatever/target_url?param=lots_of_base64_encoded_data. For some reason, even with...

BSCP Exam - Linux host and Windows VM/2 machines

Hello, as Linux is not supported by Examity, can I use Windows VM to verify myself and do the exam on my Linux host? Or it has to be Windows host? If yes, then can I use 2 computers, one with Windows to pass...

Could not start burp : java.lang.nullpointerexception

Hi everyone, I am using nethunter using termux version - 0.118.0 Nethunter - VERSION PRETTY_NAME="Kali GNU/Linux Rolling" NAME="Kali...

Open JDK Compatability

Hello, I am using Burp Suite Professional 2023.1.2. Recently I've received some vulnerabilities from Tenable that are advising me to upgrade Open JDK to a version higher than 17.0.3. However, I can't find any...

Burp Suite in Kali Linux 32-bit

Hi, I used to have Burp in Kali Linux 32-bit. Is it still possible with the last version of Burp? If it is, how can I do it? Thank you!

Burp Suite Pro version 2020.2.1- customize form submission default values

How do we customize the default form submission values in Burp Suite Pro version 2020.2.1? If possible we would like to preappend a custom string e.g. "<company_name_here>_" to each form input value to help our assessment...

How to access user options -> hotkeys Burp 2023.1.2

I was reviewing several posts here on the forum and elsewhere detailing reviewing/adding/editing hotkeys in burp via the User Options -> Hotkeys menu. I cannot find the user options or hotkey section for the life of...

Proxy Issues - client certificate authentication & upstream proxy

Hello, I am trying to connect to a web app that is accessible through a proxy server and that requires client certificates for authentication. When importing the PKCS12 client cert into the browser and setting the...

Academy Progress Reset Request

Hello, Can you please reset my Academy progress... I would like a clean slate:) Mahalo

Issues in using Burp with selenium through code

Hi, We have been trying to integrate Burp with Selenium by adding the burp proxy to the browser settings in the automation solution written in c#. My code is as follows: var directory =...

"Automation using Burp with Selenium"

Hello Everyone, I am working on automation in Burp via selenium. I am accessing Selenium Server and Burp Suite on Linux machine through Pycharm. I am not able to see the Selenium’s traffic going through Burp proxy in HTTP...

Secure Connection Failed Error code: SSL_ERROR_ILLEGAL_PARAMETER_ALERT

When I proxy my traffic though Burp to a specific URL (Community and PRO) I get an error: "Illegal server name, type=host_name(0), name=xxx.com, value={xxxxxxxxxxxxxxxx}" in Burp. My web browser will give the error: Secure...

Burp Pro Crawl

Hello, I'm trying to figure out if I can use Burp Crawler to scrape all of the external websites that exist within a site. I'm building a directory website and I'd like to use Burp to periodically crawl the site for all...