Burp Suite User Forum

Create new post

Pen Testing Point Of Sales Application

sandeep | Last updated: Jan 11, 2024 04:46AM UTC

Hi Team, We are attempting to intercept the traffic in order to conduct penetration testing on POS applications such as Oracle Xstore and Samba POS. However, we are currently unable to capture the traffic. Could you please assist us in determining if Burp Suite supports POS applications?

Ben, PortSwigger Agent | Last updated: Jan 11, 2024 01:13PM UTC

Hi Sandeep, I am not massively familiar with either of those POS applications - are they communicating using HTTP/S?

sandeep | Last updated: Jan 11, 2024 01:54PM UTC

This is a desktop based application. yes they communicate using HTTP/S

sandeep | Last updated: Jan 11, 2024 01:57PM UTC

Hi Ben. I tried to capture the traffic by enabling the invisible proxying in burp. No luck

Ben, PortSwigger Agent | Last updated: Jan 12, 2024 10:31AM UTC

Hi Sandeep, Are you able to confirm what you have configured with regards to the invisible proxy? Have you looked at the following documentation, which steps through the process in more detail (essentially you will need to know the ultimate destination of the traffic so that you can redirect it whilst using the invisible proxy mode): https://portswigger.net/burp/documentation/desktop/tools/proxy/invisible

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.