Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Change parameter submitted during ActiveScan

Philippe | Last updated: Oct 02, 2018 03:04PM UTC

After migrating to 2.0+, where can we modify the values submitted (POST) during an Audit scan (e.g. Peter Winter, etc.)

PortSwigger Agent | Last updated: Oct 02, 2018 03:06PM UTC

Unfortunately, this isn't currently possible with Burp 2. Someone else also asked for this and we will investigate reintroducing the feature. Is this stopping you crawling an application? We'd be interested to know more details, especially if the randomly generated data is failing validation rules.

Burp User | Last updated: Oct 04, 2018 12:55AM UTC

Thanks for your response Paul. Two instances triggered our request 1) With certain applications, POST or GET requests will create entries in the backend database. We would like to be able to control the data submitted so that we can easily perform some cleaning after testing (for example prefix all submitted parameters with a fixed value that’s we can easily extract from the database afterwards). 2) Some application perform validation of certain parameters (for exemple ensure that the phone number submitted is correct for a given country) and whithout being able to control the data we’re submitting we may be missing some checks preventing us to reach further within the application. It would be great to reenable this feature in a near futur.

PortSwigger Agent | Last updated: Oct 04, 2018 08:06AM UTC