How do I? - Page 89 - Burp Suite User Forum

Exam question

Read the post here https://portswigger.net/web-security/certification/how-it-works#what-the-exam-involves Wanted to ask if during the exam, is it allowed to take written notes and refer to them? Some proctoring software...

Weird need for URL encoding in XSS in CORS lab

Hello, I have been doing the "Lab: CORS vulnerability with trusted insecure protocols". I think I understand the vulnerability pretty well, however, I had trouble getting the exploit to work until I looked at the...

Community update fail. All my cmds should be correct.

Good day. I want to update my community version, and I follow this guide. https://www.cybrary.it/blog/0p3n/updating-burp-suite-in-kali-linux/ I believe I had done everything right, and when I try to open burpsuite in my...

Missing parameter in HTTP Smuggling request lab

Hello! I'm trying to solve the lab 'Exploiting HTTP request smuggling to capture other users' requests' but every time that I send the request the second time to smuggle the comment I receive a error message saying that...

Web cache poisoning using param miner

https://youtu.be/TQ42N8fqxw4 This video was uploaded on yt by portswigger, I have a doubt that I asked in the comments section, looking for someone to answer it. I am basically not sure about the steps to search for web...

What is the best way to go through the Academy learning materials?

I have located the learning path suggestion, but should I finish all of the SQL Injection labs before moving onto Authentication, or should I do just the apprentice SQL Injection labs then the apprentice Authentication, then...

JWT Always Ready

why is my Burpsuite in JWT not showing sign in, always says ready

burp intercept always go to /academyLabHeader

i try some lab and intercept all of it, but in http history its all go to /academyLabHeader

Burp Suite Reports by Standards

Hello, Does Burp Suite report vulnerability results by different security standards? We utilize Acunetix which we use on our AWS Cloud environment and it mentions different security reports. Please see below reports in...

License Issue

Hi Team, Can you please clear all the device licenses as i am not able to active and getting error with "No More activation allowed for this license."

[BlackArch/BurpSuite Community] How to set -Dawt.useSystemAAFontSettings=on for the launcher?

Hello, my JAVA GUI applications have ugly fonts without this setting. In my ~/.zshrc, I added the following line: export _JAVA_OPTIONS='-Dawt.useSystemAAFontSettings=on' This works when BurpSuite is launched from a...

Find Chromium DOM-Invader extension file location and executable file

Hi guys, I’ve had issues with the inbuilt chromium browser, where it would not allow me to use my curser to select anything below the bookmark bar. Due to this I’m trying to find the DOM-invader extension file location to...

Converting text to Json format? Lab Broken brute force protection multiple credentials per request.

Hi Guys, How do you convert the list of passwords to json format please? I tried different converters on google with no success. Thanks, Yan

CICD integration to Concourse

Hello Team, Could you please help with the steps to integrate Burpsuite Enterprise to Concourse.

Android app testing

Hi Team, I hope you are doing well, I need to test the Android mobile application but BurpSuite is not intercepting the requests, Can you please help me?

How do I customize the columns shown in proxy - http history?

I often fuzz web applications with Linux utilities, and send along custom headers so that I can look at the history within burp for easy identification as to what I was doing in the past. The problem is - the "Comment"...

burpsuite browser refuses to connect to proxy server

I am trying to forward burpsuite browser through a proxy server but everytime I try and configure the settings to do so, I get an error message saying to check if another service is using the same port. I am using a socks...

Burp Suite CA Certificate Not Trusted

Hello, I've just downloaded Burp Suite and have configured Chrome to use Burp Suite as my proxy. However, I've tried to install the CA Certificate but whenever I load a https:// URL, I get the following...

access controll vulnerability lab

last two question in access controll lab i can't understand because it say change wiener role to admin but wiener is already admin then how can i change

burp hostname resolution

Hello, i use burp as a proxy in my malware lab for intercepting communication in a VM used as a proxy. I have create two proxy listeners and they redirect traffic to inetsim. https://ibb.co/5LNj5Zf My...