How Do I?
How addToSiteMap decides if there is any existing matching item in the site map?
I'm working on a burp extension to create a site map from burp logs saved in an XML file. The burp log may contain redundant logs in it. Hence, when adding IHttpRequestResponse to site map using "IBurpExtenderCallbacks.addToSiteMap" the redundant logs are removed. I want to have a list of all the redundant logs which are not included in the site map. Since "addToSiteMap&...1 Agent Answer 1 Community AnswerAug 21, 2019 04:02AM UTC
Intercept SSL traffic for Android Nougat 7 and above version.
Hi, do I need to decompile, add the security config xml file in application folder and recomiple every time while doing security testing in Android Nougat 7 and above versions ? As I am facing difficulty in testing android apps, needed more clarification on this. Thank you1 Agent Answer 0 Community AnswerAug 20, 2019 07:07AM UTC
Proxy intercept not working with firefox
Im using firefox to run test my website on localhost.I configured the proxy settings so that burp suite can intercept it.But with all the correct settings,the traffic is still not intercepted.Yesterday it was working fine,i went to sleep woke up and its not working anymore. Configurations I used : https://imgur.com/a/wdhcfv71 Community AnswerAug 19, 2019 07:00PM UTC
headless xml report with
Hi Guys, Looking for quick help how can we get an XML report with base64 as false <request method="GET" base64="false">. I mean I need request and response in plain text rather than base64 encoded. I ran burp in headless mode. java -jar -Xmx1g -Djava.awt.headless=true "C:\Program Files\BurpSuitePro\burpsuite_pro.jar" --config-file=burpprojectoptions1.json -...1 Agent Answer 1 Community AnswerAug 19, 2019 08:56AM UTC
Lab: HTTP request smuggling, basic CL.TE vulnerability (Help for a noob)
Hello, I'm new in this world and I already have an issue on the first lab (F****ng Hell) but i'm not down yet ! Even reading the solution I have issue on finding the "Unrecognized method GPOST" when using the Burp Repeater... Can someone help me ?1 Community AnswerAug 18, 2019 04:37PM UTC
how do i convert multipart gzip to original file
during my research i'm intercepting some packages like this: Content-Type: multipart/form-data; boundary=cLXA2xHy63hD9QS92t_yJwlwnL8vVb Accept-Encoding: gzip, deflate X-FB-HTTP-Engine: Liger Connection: keep-alive Content-Length: 1922 --cLXA2xHy63hD9QS92t_yJwlwnL8vVb Content-Disposition: form-data; name="access_token" 567067343352427|f249176f09e26ce54212b472dbab8fa8 -...1 Agent Answer 0 Community AnswerAug 18, 2019 02:53AM UTC
How to configure Burp Suite for traffic to/from Docker container?
As titled really. I have it setup correctly to monitor all browser traffic, however when I'm hitting a local container web app at localhost, it isn't intercepting. Can you offer any guidance?1 Agent Answer 0 Community AnswerAug 17, 2019 08:43PM UTC
Hello When I start up Burp Suite, I get the error message, "Your JRE appears to be version 12.0.1 from Oracle Corporation. Burp has not been fully tested on this platform and you may experience problems." Should I be worried?2 Agent Answers 1 Community AnswerAug 17, 2019 12:53PM UTC
encode xml payload ...
hello support and folk ... im trying to send an exploit to server vlun to : Apache Struts2 Remote Command Execution (S2-052) the payload is : <map> <entry> <jdk.nashorn.internal.objects.NativeString> <flags>0</flags> <value class="com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data"> <dataHandler> ...1 Agent Answer 0 Community AnswerAug 16, 2019 01:25PM UTC
Burp Enterprise Edition
After installing the BURP Enterprise edition and trying to open the administrative portal I am getting Login failed error. I am using the same username/email and password which I specified during installation1 Agent Answer 0 Community AnswerAug 15, 2019 10:29PM UTC