How Do I?

Make a new post

  • GHte my license activation reset

    Good Day, Our current Burp virtual machine has crashed and we do not have a backup. Please could you assist me in resetting my BURP license activation as I have reinstalled BURP on a new virtual and cannot activate the current license.

    1 Agent Answer    0 Community Answer
    Dec 09, 2019 01:28PM UTC
  • any way to bypass preflighted XHR request in a CSRF attack?

    Hello, i found a website where they have as a CSRF protection CORS and a short custom header (without token - just a header that is for all users). i found a way to bypass the CORS protection but when trying to reproduce the vulnerability i need to add the custom header too. The header is like --> something: v2 So it doesn't have a token or anything, but when adding it in the XHR...

    1 Agent Answer    0 Community Answer
    Dec 09, 2019 11:20AM UTC
  • DOM-based XSS

    Hi , I got the message like this : The application may be vulnerable to DOM-based cross-site scripting. Data is read from location.hash and passed to $() The response is : var id = location.hash.replace('#', ''); $elem = $( '[data-' + PLUGIN_NAME + '-id="' + id + '"]' ); How can I exploit this ? Thanks so muc...

    1 Agent Answer    0 Community Answer
    Dec 09, 2019 06:36AM UTC
  • I have problem with the burp suite

    What's wrong with this program? Can someone help me? How can I fix it? Starting attack... There was an error executing your Python script. This is probably due to a flaw in your script, rather than a bug in Turbo Intruder :) If you think it is a Turbo Intruder issue, try out this script: https://raw.githubusercontent.com/PortSwigger/turbo-intruder/master/resources/examples/debug.py For ...

    1 Agent Answer    0 Community Answer
    Dec 07, 2019 07:38AM UTC
  • How to import custom scan configuration using CLI

    We have Burp Suite professional - and evaluating to migrate to 2.x. In 1.7.x we have set the Scan issues (under Scanner -> Options tab. E.g. Scan for only only "LDAP Injection"), and exported it in configuration file. Then as part of our test automation workflow, using Burp Suite CLI we load it, and perform active scan for it. How to mimic this flow when using 2.x? Thanks,...

    1 Agent Answer    0 Community Answer
    Dec 07, 2019 02:18AM UTC
  • Proxy: Web Videos

    Hello, how do I set up Burp so that clients can watch web videos like .mp4 files without burp trying to download the whole file first (streaming responses is not really an option). It either takes very long to buffer or the videos don't play at all. Your help would be appreciated. Thanks.

    2 Agent Answers    1 Community Answer
    Dec 06, 2019 10:35AM UTC
  • Wow Where do I start as a beginner? On Web Security Academy??? Help plz

    I'm a little overwhelmed with the Academy page. Is there an order to follow and build on? Where do I start as a beginner? On Web Security Academy??? Help plz

    1 Agent Answer    0 Community Answer
    Dec 05, 2019 03:27AM UTC
  • I start burp suite and I get a pink screen and I can't do anything else with it.

    I'm running Kali Linux and I downloaded butp suite community. Now when I start burp suite. It starts with a pink screen and I cam not even close it. How do I solve this problem?

    1 Agent Answer    0 Community Answer
    Dec 05, 2019 12:39AM UTC
  • Get div class value from a webpage

    When I load a page and it uses jquery, I can't see the div class value in the html. With Inspect chrome environment I can get the value in console with $(".div-class-name").text(); , but in burp suite I don't know how I can do it.

    1 Agent Answer    0 Community Answer
    Dec 04, 2019 12:44PM UTC
  • I have burp pro licenses but can not download pro release

    Hi, my direct manager bought Burp pro licenses, I have them in .txt file, however I have created account and I do not see possibility to download any releases. Please help.

    1 Agent Answer    0 Community Answer
    Dec 04, 2019 07:49AM UTC