How Do I?

Make a new post

  • http history missing in-scope items.

    I have my scope set in the Target tab, has about 10 web sites listed then all of their items with in them. When I goto Proxy->HTTP history I do not see all of my listings from Target in there. I am missing a few web sites as well as their paramters. Inside of both Target and HTTP history I have set the Show only in scope filter set that is all. So they are added to scope. I have also taken ...

    1 Agent Answer    0 Community Answer
    Feb 24, 2016 11:41PM UTC
  • "No response received from remote server"

    After I make a few requests to the web server, I received an error "No response received from remote server" in browser. The alerts tab also shows the same error message. I saw a solution which is to resolve by reloading CA Cert. Is this means to regenerate CA cert from Burp, export it and install in web browser? Are there any other solution which works?

    2 Agent Answers    2 Community Answers
    Feb 23, 2016 03:18PM UTC
  • re allocating burp licenses

    we have a total of 44 burp licenses. end users will come and go. where in the Portal do I go to have licenses reallocated?

    1 Agent Answer    0 Community Answer
    Feb 22, 2016 04:48PM UTC
  • Register menu item

    I want to register a custom menu item in first row in context menu. For example, self.CallBacks.registerMenuItem("New Item", self, 1) where, 1 indicates first row in context menu

    1 Agent Answer    0 Community Answer
    Feb 22, 2016 10:37AM UTC
  • How do I use a password protected Java KeyStore for Burp Collaborator

    Dear All As required for running a private Burp Collaborator instance, we have ordered and received a wildcard certificate for the domain we'll run our instance under. We've created a JKS containing our certificate, which we're pointing at from our configuration file. However, this JKS is password protected and there doesn't seem to be a way to hand this password to the ...

    1 Agent Answer    0 Community Answer
    Feb 22, 2016 09:16AM UTC
  • How do I specify which SSL/TLS ciphers Burp Collaborator can use?

    Dear All, We're currently running a private instance of Burp Collaborator. As this host is visible to the internet, we include this system in our regular vulnerability scans focused on internet-facing systems. Our most recent scan included possible vulnerabilities on the Collaborator system. Most vulnerabilities relate to the use of unauthenticated, not encrypted or weak cipher suites...

    1 Agent Answer    0 Community Answer
    Feb 22, 2016 09:08AM UTC
  • Can I add more scans to SQLi or XSS scans which are run by Scanner?

    I want to configure Burp a bit more. As I understood, in Scanner / Options I can select the Active Scanning Areas. Is there a way to add more e.g. SQLi, or XSS to what already is checked? Where can I see the list of Payloads which are injected in Scanner? Are these the same as in Intruder / Payload Options? Can there be something done with the Issue Definitions or is it informational? T...

    1 Agent Answer    0 Community Answer
    Feb 19, 2016 09:21AM UTC
  • Compare site maps with a Authorization: Basic value

    I want to do a comparison with different privileged accounts. For Site Map 2 I want to "Request map 1" with a new cookie. In the Options > Sessions I added a "Use Cookie from Cookie Jar" for Target. But there is a header "Authorization: Basic xxxx" which I have to change, too. I didn't find a way to change a header in the Session Handling Rules. I can add a...

    1 Agent Answer    0 Community Answer
    Feb 18, 2016 02:21PM UTC
  • Problem with Digest authentication

    Hi, We have a web application which consist of both web pages without authentication and web pages that uses Digest authentication. When we add the platform authentication credentials to Burp Suite the Scanner test doesn't complete the testing of web pages not using Digest authentication. In the Scan queue tab the status ends up telling "abandoned - too many errors (XX% complete)"...

    3 Agent Answers    2 Community Answers
    Feb 18, 2016 08:58AM UTC
  • handshake_failure

    I'm running burp v1.6.36 and using a client ssl certificate to authenticate to secure web pages. I am receiving the error handshake_failure when attempting to access and sites that require the client cert. I am using java 1.6.0_41-b02. Below is what I have tried to resolve the issues with no success. Install Java Cryptography Extension (JCE) by by copying the loca_policyl.jar and US_e...

    1 Agent Answer    1 Community Answer
    Feb 17, 2016 06:54PM UTC