How Do I?

Make a new post

  • Pass the Build in Jenkins even Burp_scan shows vulnerabilities for Burp Enterprise

    Team, Could you please let me know how to pass the build in Jenkins despite vulnerabilities being identified using the burp enterprise edition? The BURP_SCAN_STATUS is succeeded in Jenkins but Build is marked as Failure since scanning found vulnerabilities. Running as SYSTEM Building in workspace C:\Program Files (x86)\Jenkins\workspace\AltoroMutual [AltoroMutual] $ cmd /c call C:\Windows\...

    0 Community Answer
    Nov 14, 2019 06:15AM UTC
  • Turn off crawling in enterprise?

    Is there a configuration which will let me not crawl the site I'm crawling at all and JUST scan the URL(s) provided? I have an application which contains the ability to self-register a user, and I'd like to be able to have Burp Enterprise scan the login page itself without creating a user.

    1 Agent Answer    0 Community Answer
    Nov 11, 2019 03:28PM UTC
  • Burp API

    Hi, team! I want to automate BurpSuite scans using burp's REST API (https://portswigger.net/blog/burps-new-rest-api) but receive errors when sending requests to start the scan. I run burp in headless mode. My request looks like below: ``` curl -X POST http://127.0.0.1:1337/<my_api_token_here>/v0.1/scan -d '{"scan_configurations":[{"config":"my-config&...

    1 Agent Answer    1 Community Answer
    Nov 11, 2019 03:06PM UTC
  • i can get in 'http://burp/' but other websites

    i run proxy 127.0.0.1:8080 with burp suite and set chrome or firefox proxy at 127.0.0.1:8080, finally,i just can enter 'http://burp/' to download certificate . and all the other websites, i couldn't get in .why? why?

    1 Agent Answer    0 Community Answer
    Nov 11, 2019 04:56AM UTC
  • How to use burpsuite pro shipped with burp enterprise

    Hi Team, I want to know how to use burpsuite pro shipped with burp enterprise version. Is it possible to use it or trigger it with vmware/burp-rest-api. Kindly let me know how this can be worked on?

    1 Agent Answer    0 Community Answer
    Nov 10, 2019 09:06AM UTC
  • JSON Response hidden data

    Hey there burp community, Here is my question : I was using the repeater tool to send requests and in the response some of the data was hidden/censored by an asterix (*) (eg. {"date":"2019-10-02","time":"09:34:86","Name":"****"}) Is there a way to get this info, in this case the Name ("Name":"****")? If yes, h...

    1 Agent Answer    0 Community Answer
    Nov 09, 2019 10:37AM UTC
  • How do I run passive scan on a specific request

    It does not appear to be possible to run _passive_ scan rules on one or multiple requests. There used to be an option in the right-click menu in proxy, target and other.

    1 Agent Answer    0 Community Answer
    Nov 08, 2019 10:38PM UTC
  • Can I passively scan some specific words?

    Hi, I would like to scan some specific words such as "Storage" or "DB" in JS files. Can I do the same using passive scan function in Burp?

    2 Agent Answers    2 Community Answers
    Nov 08, 2019 06:30AM UTC
  • Extract Json Report from the scans from Burp Enterprise

    How can I extract Json Report from the scans from Burp Enterprise?

    1 Agent Answer    0 Community Answer
    Nov 07, 2019 08:04AM UTC
  • how burpsuit pro track this 'stranger' or assessment my PC to prove my PC have been hac...

    hi, i have PC for penetration test for internal application. but i suspect my PC has been hacked by other stranger. how burpsuit pro track this 'stranger' or assessment my PC to prove my PC have been hacked ?

    2 Agent Answers    2 Community Answers
    Nov 06, 2019 09:12AM UTC