How do I? - Page 94 - Burp Suite User Forum

Tried installing burp enterprise and unable to bring up image

We have tried installing the application using the steps https://portswigger.net/burp/documentation/enterprise/getting-started/unattended-installation We are unable to access the application and getting the logs, Failed...

License Cancellation

I want to cancel the licenses obtained by credit card without using them. How can I do it

How to fetch cookies

Hi Team I have to ask again about how to fetch in Collaborator cookies.I read article in for example form submission you can do this that. <script>fetch('https://YOUR-SUBDOMAIN-HERE.burpcollaborator.net',...

private Burp Collaborator Server configuration question

Dear Team, a. I want to use a self-signed wildcard certificate, is this configuration correct? b. Now the device where the private Burp Collaborator Server is deployed and the website under test are in the same...

Burp suite enterprise instance could not be started

Hi, After an update today, I am not able to access the webserver of the enterprise edition instance - 'Could not connect to Burp Suite Enterprise Edition: Could not connect to database'. Appreciate any help to debug...

Can Burp Pro find areas in a site where a token replay is possible?

I'm not sure I have seen this in Burp Pro auditing crawls I have done but is Burp able to see where a SessionID token can replace an existing SessionID to impersonate a different user? For example, if the cookie in the...

Burpsuite - Jenkins Integration queries

Dear Burp Suite Team, We have integrated Jenkins with Burp Suite Enterprise [We have procured the License]. Context: 1. It takes significant time for the SCANS initiated form Jenkins to be complete, about 8+ Hours,...

How to test web applications that block interception proxies?

Hi, I've been lucky enough to be given a chance to attach a commercial device that runs a web application, somewhere on the server it has some kind of WAF that blocks any interception proxy such as burp suite. How does...

Intercept Traffic From WSL + Send Traffic to Proxychains

Hello, How can I intercept traffic that comes from WSL (Ubuntu) in burp? I've seen some configuration regarding certificate, but none of them applied. AND How can I use Proxychains with BUrp, so command send using...

Can Burp Pro crawl and download the site locally?

While I know how to use Burp Suite Pro to crawl and/or audit a site, is it possible to mirror and download the site locally so that you can search within the site pages for specific things you want to check to see if they...

i want Catch Mobile Traffic(iOS) in VPN server(windows)

https://www.schellman.com/blog/how-to-catch-mobile-traffic-escaping-burp I have configured the same environment as above. The only difference is that the vpn server's os is windows, not linux. I cannot proceed...

I can't uninstall "burpsuite"

I downloaded a Bursuite on the Internet today, but I found that I downloaded the wrong version. I tried to use "uninstall. exe" to uninstall this version of Bursuite but could not. I downloaded "bursuite...

How can I explain to the customer about false positive (Command Injection Fortify), Can you help me?

private void carregarProps() { props = new Properties(); FileInputStream file = null; try { file = new FileInputStream( ...

Active Scan issues

Hi Team, I am using Burp Suite Professional version. The application which I am testing has a multifactor authentication which is quite complex. So, as to scan the application I have used recorded login sequence. While...

Turbo Intruder CLI java.lang.NullPointerException

Hi, i used this: java -jar turbo-intruder-all.jar sc.py req.txt https://www.google.com foooo and output is: Please note that Turbo Intruder's SSL/TLS handling may differ slightly when run outside Burp...

Is it possible to intercept CLI requests without exporting http_proxy?

Hello, Is it possible to intercept CLI requests without exporting http_proxy?

How do you know which machine/ip initiated the request when viewing target->site map info?

I'm running automated tests on 4 machines that are going through the Burp proxy, and when looking at the request, I was wondering which machine/ip initiated it. I don't see this info anywhere. Is it not something that gets...

burp_infiltrator_java

hi Team Do you have any movie how to use infiltrator.I created file but this file should be insert in testing website or on my computer disk. I'm not smart person sorry.

reCAPTCHA not appearing when using Burp as a proxy

When using Burpsuite Pro as a proxy the reCAPTCHA is not appearing on my client's form, and I can't submit requests. I am wondering if there is a Burp setting I need to set, or if there is a security feature in reCAPTCHA...

No more activations allowed for this license

Hi, I tried to activate my Burp Suite Professional license on a new VM but encounter "No more activations allowed for this license" error. Could you help provide some additional activations? Thank you.