Burp Suite User Forum
I have an application in which tab/url/flows are based on query parameters i.e. only key value change controls the UI/page change base URL remains same so when Burp crawls the application it doesn't records those URL. Is...
Burpsuite Enterprise tried to upgrade to latest version V2024.3 using automatic update. The burp enterprise portal got down and the application is not responding. Restarted both burpsuite enterprise services, also restarted...
good day. how can I set up a test exploit server or if there is any option online that can be used to test the http atacks part. Cheers...
How to generate custom Vulnerable Scanning Report?
Every time I close Burp after saving, all my logs from Logger / Logger++ get erased. The only method that seems to work for me is if I manually export the logs to a CSV file. Is there a way to persist the logs after closing...
Hi. I am not sure whether I am just doing something wrong or if the solution for the lab has not been updated. Firstly, I tried to solve the lab on my own, but after countless "internal server error" responses I tried to...
I need the lab "Web shell upload via Content-Type restriction bypass" to be reset. The /home/carlos/secret file was deleted and no longer available to get the solution from.
I can scan a vb.net application. The deep scan ran for 15 hours We also have vue applications. The deep scan only ran for about 15 minutes. Has anyone had luck running the Professional version deep scan on a vue...
Hi all. Using my credit card I want to purchase three BSCP exam vouchers for three engineers on my team. Is this possible to do this in one transaction? If NO, assuming I have to go through this process three times? =>...
Issue: Always getting Error Unknown Host regardless of website visited in Burp Browser. Trying to load lab Detail: I am attempting to connect as I did the day prior, on the same connection. Again, this has worked...
So I've done this three times so far, using Burp Suite Pro (2024.1.1.4), and I'm having no luck. I'll avoid spoilers, but the short answer is that all the responses I get are HTTP 200, no 302 in sight. I've gone though the...
Hi, On this page, the video explains testing for SQL injection. When scanning, there is one SQL injection vuln with only path /filter. But when accessing HTTP History, appear parameter:?category= Can you explain...
Is it possible to write BChecks script to detect SSL weak cipher suites used in web server. https://github.com/projectdiscovery/nuclei-templates/blob/main/ssl/weak-cipher-suites.yaml Need help to convert the above...
Is it possible to change a HttpHeader on the HttpRequestResponse selected via a ContextMenuEvent in a Reapeater tab?
i am trying to solve this lab Lab: Developing a custom gadget chain for Java deserialization . When i am trying to serialise java cookie i am using your githup main.java in repl.it but i am getting an...
Greetings. I was recently working on a blind SQL vulnerability (oracle database). There was 3 vulnerable parameters on the same request. However burp scanner could not always identify the vulnerability and when that happens...
Is there a way to restrict false positive action to particular user or group may be using Role.? or if there is another way by which i can restrict False positive marking of issue for user(s) let me know. I tried...
when I change the role id to 2 however i get an internal server error POST /my-account/change-email HTTP/2 Host: 0a5a007703e1b1f281891199006e0050.web-security-academy.net Cookie:...
The final step of the LAB I am not getting the 302 response in practical lab. Is anything I am missing. On the "Payloads" tab, add the list of numbers in payload set 1 and add the list of passwords to payload set 2....
Hello how much time do i have to do the exam , so the voucher expires or it does not expire?
Page 8 of 311
Your source for help and advice on all things Burp-related.