How do I? - Page 9 - Burp Suite User Forum

I am working on the lab " User role can be modified in user profile "

when I change the role id to 2 however i get an internal server error POST /my-account/change-email HTTP/2 Host: 0a5a007703e1b1f281891199006e0050.web-security-academy.net Cookie:...

Username enumeration via response timing

The final step of the LAB I am not getting the 302 response in practical lab. Is anything I am missing. On the "Payloads" tab, add the list of numbers in payload set 1 and add the list of passwords to payload set 2....

BSCP EXAM

Hello how much time do i have to do the exam , so the voucher expires or it does not expire?

Unknow Host Problem

1)- Go to your firefox settings, and then open Network Settings. 2)- Go to Connection Settings, and then Activate(Use System Proxy Settings), Not manual. 3)- It worked for me, I hope it works for you too.

How do I perform API scanning?

I have a Backend REST API application that I want to scan. I am following the steps in https://portswigger.net/burp/documentation/desktop/automated-scanning/api-scans. It says "To run an API scan, click New scan > API scan...

Activation failed

Hi, I'm getting 'no more activations allowed' error message. Could you please help me reset the activation? Thanks!

I am unable to create a password for my account

Hi team, I am unable to create a password for my account as it always need to retrieve the temporary password from the forget requests. As couldn't access the labs as i need password to login in the burp browser to complete...

CSRF where token validation depends on request method

Hi, I have a problem with solving CSRF where token validation depends on request method in Burp professional version. This is my code from exploit server aned I have changed email in the code.Do you have more information...

i need help with burp suite's in browser

I'm doing the Portswigger web academy and am trying to use burp suite's in browser. when i open the browser it's just a basic page. if i try to access the web academy labs in the browser, it asks me to log in to portswigger...

Rest my labs & material progress

Dear portswigger, Kindly you help resetting my labs & material progress Best regards

Solving Lab: Blind SQL injection with out-of-band data exfiltration without Burp Pro

Hi, idk if this is the right place to ask these kind of questions, so I apologize in advance for that. I'm trying to solve "Lab: Blind SQL injection with out-of-band data exfiltration"...

Reset all my lab progress

Hey team, please reset all my labs. Thank you

RE: Unable to save Burp Projects

Hi Team, I am unable to save the BurpSuite project file and getting error like Failed to save project. "class javautil. HashSet cannot be cast to class burp.Zk (java.util.HashSet is in module java.base of loader...

Javascript based redirection not working while using burp proxy.

A module in the application is on another subdomain. While clicking on that module the application uses javascript redirection to the different subdomain but it does not open that module and redirects to the application...

Burp Academy Lab says secret is not correct?

Hello For the "Web shell upload via Content-Type restriction bypass" Lab I have uploaded a web shell and can read the secret file in /home/carlos but when I submit it with the solution button it says it is not correct....

Reset all my labs

Hi team, Could you please reset all my labs? Thank you, Marko

Activation error

I get a message "no more activations allowed" and cannot activate it. Can you help me with this problem?

Reset All Learning and Labs

Hello, I want to reset all learning and labs progress.

Use macros and session handling with parameters in json

Hi, I am trying to configure macros and session handling to keep me connected on an application using auth0. I have to chain request and pass answers parameters value to next requests to be authenticated. It works...

Exploit Server in the Labs

So I know we have the exploit server in the labs where it can automatically store and deliver exploits to the victim web application. What would be an alternative in the real world of pen testing when we do not have a full...