How do I? - Page 93 - Burp Suite User Forum

BurpSuite Certified Practitioner Exam Voucher

Hello team, I bought the voucher one year ago and have just registered on Examity. On Examity it says that I have only 15 minutes for the exam and that the Exam Window is until 2023. Exam Window Nov 16, 2021...

CSFR POC

hi Team I ask to a lot of question but I have problem understand it.When xss is in cookies part and I try to create CSFR POC do not include cookies. How to handle with this issue.

Prototype Pollution not marked as passed

Hello team, I passed the domxss prototype pollution and was able to get the alert, however the platform is not marking it as solved. Should it be working like with the other...

Revoke User License

Hi, One of our employees had resigned, the laptop had been formatted. We need to reuse the license for another user. Can you please advise how to do it?

Differences between 2 scans process

Hi. I have a question about scan/audit process in Burp. Our company has a process of running the scans with Insomnia (proxy with 8080 port). Once we have sent it to Burp and we got the task in HTTP request in Proxy tab, we...

Crawling a site with cookies

Hello, I am trying to crawl (right click on the site root in Target, select Scan, select Crawl in Scan type) a web site that uses cookies for session tracking. I get "Paused task due to: Could not connect to any seed...

No more activation allowed for this license

Hi team, While activating Burp Suite Professional license, the following error occurred: ``` Activation Failed No more activation allowed for this license. ``` Could you help us?

How to setup 'iptables' to redirect traffic to burp proxy?

Hello, I am using Ubuntu and I would like to know how to setup 'iptables' to redirect traffic to burp proxy? I'd like to test a non-proxy aware thick client, do I need to enable Invisible Proxying? -...

How to intercept Go programs' HTTP requests?

I am trying to test Go programs with BurpSuite and I can't seem to find how to do that? Could you please help?

Acedemy Lab Practitioner level: Exploiting cross-site scripting to steal cookies

Hi User form, I'm currently trying to solve the "Exploiting cross-site scripting to steal cookies" lab (https://portswigger.net/web-security/cross-site-scripting/exploiting/lab-stealing-cookies), and I successfully...

CSRF generator XHR payload

Hey, how does the payload for the body is generated when using the XHR CSRF generator from burp? It seems like hex encoding but it is not decoded successfully, how do I replicate the same encoding on the body of my...

Problems with passing Lab: CL.0 request smuggling

Hello! Could you help to pass this lab - https://portswigger.net/web-security/request-smuggling/browser/cl-0/lab-cl-0-request-smuggling I have done steps following solutions, but can't reach final actions There are not...

Reset progress

Hi, can you please reset my progress? I have presentation in my school about ssrf and i need to delete Carlos again :D

Lab does not solve even if it is correct

Kindly help me with this, as none of the machines are showing solved.

Verify dastardly function

How many failures should Google's https://public-firing-range.appspot.com or https://ginandjuice.shop be detected by dastardly? What are your results?

Report

Team, Currently we are able to get report of identified vulnerabilities. But we want to get Clearance Report as well. Like If we have no vulnerabilities identified then We want a Clearance report That No issue...

URL-encoded format--UTF 8

Hi Team I would like ask why in Burp do not have UTF-8 Decode/Encode options.I have to use Website.?

Issue in load of BAPP Store Tab why does bapp store list is not load in burp suite professional 1.7.

why does bapp store list is not load in burp suite professional 1.7.34 and goes on , even with the v.2.0.0 (beta version) after installation in Windows 10 pro . what causes these kind of issue? Could you please the...

Query in Match and Replace

Hi I am trying to match when ever my browser goes out to https[:]//i.ytimg[.]com/vi/pvBY0IfgeYo/hq720.jpg...... to point at http[:]//3adps[.]com/repulsive.jpg 3adps.com is an apache site on my LAN. For this to work...

Issue with Recorded login sequence

Hi Team, I followed the record login sequences instruction and successfully generated JSON objects for application login data. But I am unable to reply and validate login sequence , My application depends on SSO with SAML...