How do I? - Page 8 - Burp Suite User Forum

How do I stop burpcollaborator hitting my site?

I am running some servers for personal use and have never used burp suite or any of your tools. But my nginx logs are showing loads of hits with burpcollaborator.net in the UA I've blocked the IP they are coming from with...

Reset all labs

How do I reset all my labs

I want to remove my existing activation of Burp Suite Professional License

I want to remove my existing activation of Burp Suite Professional License. We've reinstalled OS on 4 of our systems and we would like to remove our existing license and re-activate on the new system. I opened Burp and...

How to reset my password to a custom password

If i give reset password, i am getting an email and it gives a passwords. Can i change password to something i can remember?

IMPORT .BURP TO BURP ENTERPRISE

Hello everyone, In my environment i have 2 solutions of Burp (Professional and Enterprise), and i have a question. Is possible to import the .burp file project (generated by Burp Professional) to my Burp Enterprise to...

Lab #5: CSRF where token is tied to non-session cookie & Lab #6: CSRF where token is duplicated in cookie issues

Hello, I have been working on the CSRF Labs and I'm having problem with the following labs: - Lab #5: CSRF where token is tied to non-session cookie - Lab #6: CSRF where token is duplicated in cookie issues For Lab...

Lab: URL-based access control can be circumvented

I just have a question about the terminology used in the lab. "This website has an unauthenticated admin panel at /admin, but a front-end system has been configured to block external access to that path. However, the...

Unsubscribe

Please unsubscribe my account "hiroyasu55".

Whole vulneratibility scan on whole host (or subdomain , or sub URL) with the PRO version

Hello, I plan to go for the Burp Pro in the near future, but I have one question. Is it possible to run an injection scan / file upload (without need to specify what kind, SQL, command etc..) on a whole domain (or...

some updates ux on website portswigger

Hello, I frequently use your site and I appreciate the way you organize labs and tests. We are all on a journey of growth and would like to support each other, even with ideas. I have a suggestion that could contribute...

Intruder Question

Hello. I was wondering if there are any hazards to using Intruder.

Passing Smart Card through to OneID Website Accessed via Remote Desktop

Hello, We are using Burp Suite Professional on a remote server, and whenever we attempt to access a website behind OneID with the burp proxy enabled, it fails to read our PIV card. We set it up via the following:...

Delete old items from "Issue Activity" list

I read somewhere that there should be an option (contextual right click" to delete but I don't see it. im on latest 2020-11 build

Use a different Authentication Method and NOT the 'Detected' One during API Scan

Tool: Burpsuite Professional License (Latest major/Minor version) Scan Scenario: Web API scan with authentication using Bearer token and NOT api Key. What Tester did so far: After uploading API definition...

BURP collaborator

how can i fix this problem : The Burp Collaborator client was unable to connect to the Burp Collaborator server that it uses to perform OAST checks. As a result, these checks were skipped for this scan.

Issue with Grep - extract for error message in lab : Lab: Username enumeration via subtly different responses

Hello, On this lab : https://portswigger.net/web-security/authentication/password-based/lab-username-enumeration-via-subtly-different-responses I added "Invalid username or password." as matching string (greb...

Unable to activate burpsuite

I have changed the OS for my system when i tried to activate my burp suite pro with the license key i am getting "no more activation allowed for this license" error. How do I fix it?

unable to modify capture request

Hello, I am unable to edit/modify the intercepted requests even after sending it to repeater.

Clickjacking all apprentice lab

Please Team could you see any problems with my frame script as I tried to solve all three labs and it is not working. One example below for the third lab: frame buster script <style> iframe { ...

[Lab] Multistep clickjacking not being solved

I followed that solution and the community solution, but that lab did not solve the problem. We are using BurpSuite's Chromium to verify the operation. I need you to tell me what you need to do to resolve...