How Do I?

Make a new post

  • Procedure to intercept in Burp when site is accessible only via VPN

    Procedure to intercept in Burp when site is accessible only via VPN

    1 Agent Answer    0 Community Answer
    Jan 16, 2020 10:46AM UTC
  • Procedure to intercept in Burp when site is accessible only via VPN

    Hi, Please do let me know the procedure to intercept in Burp when site is accessible only via VPN for a web application. Regards, Arpita

    2 Agent Answers    1 Community Answer
    Jan 16, 2020 06:35AM UTC
  • Using CAC to authenticate for scan

    Hello all, I am trying to configure my burp suite professional tool to be able to scan URL’s that require cac authentication to the website. I have the PKCS11 set up and am able to insert my cac credentials and pin code in user options. But when I attempt to crawl and audit the URL I get the error “failed to connect” am I missing a step? When I attempt to get to the URL directly from the w...

    2 Agent Answers    1 Community Answer
    Jan 15, 2020 09:58PM UTC
  • What is the file type of Intruder saved results?

    What is the file type of Intruder saved results? I saved the file with no file type mistakenly, tried to load it, and got a file upload error. When looking at the contents of the file it plainly looks like XML so I switched it to XML file extension and didn't have any luck. I'm hoping there is an easy fix other than re-running the attack. Thank you

    1 Agent Answer    0 Community Answer
    Jan 15, 2020 07:33PM UTC
  • Reset Extension Settings

    I have observed that extension settings are independent from project and user options. Is there a way to manually reset extension settings, either for a specific extension or in general? I already tried the following: - Resetting user options - Resetting project options - Reloading extension - Reinstalling extension Thanks a lot!

    3 Agent Answers    2 Community Answers
    Jan 15, 2020 11:18AM UTC
  • Burp Installation for all users on a system

    Can I install burp on a single system using my user account and make it available for all other users accessing the system with their user account.

    1 Agent Answer    0 Community Answer
    Jan 15, 2020 10:49AM UTC
  • IMessageEditor in custom made extensions do no not have properties like Send to Repater

    Hello Team, In the custom made extension, the IMessageEditor doesn't have all the options like when we right click any request in the proxy or the repeater like the options send to repeater, send to comparer. Is there any setting which needs to be added to the code to enable that or we have to use the api manually for each of the cases\? Also, how do we add a context menu to the IMessageE...

    1 Agent Answer    0 Community Answer
    Jan 15, 2020 05:43AM UTC
  • Cross site scripting (DOM based message)

    The application may be vulnerable to DOM-based cross-site scripting. Data is read from location and passed to jQuery() via the following statement: jQuery(location).attr('href').split("//")[1]; How is this vulnerable?

    1 Agent Answer    0 Community Answer
    Jan 14, 2020 07:07AM UTC
  • Burp Suite Enterprise Custom 'user-agent' for scanning

    I am aware of the way to define custom user-agent in burp pro using 'Proxy -> Options -> Match and Replace feature'. Is there a way to define custom user-agent in Burp Suite Enterprise Agents for scanning? For example, I'd like to make this user agent "Mozilla/5.0 (BurpBot1.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36" So that, I ...

    1 Community Answer
    Jan 13, 2020 05:44PM UTC
  • I can't download Burp proxy community edition

    I can't download Burp proxy community edition, my mac says that it can't be downloaded because it says "It can’t be opened because Apple cannot check it for malicious software." Plz help, what can i do?

    1 Agent Answer    0 Community Answer
    Jan 12, 2020 11:52PM UTC