How Do I?
Invalid client request received: Dropped request looping back to same Proxy listener
Getting the above error when trying to connect to WebGoat using port 8080 on my local host through Firefox. I've set up the Firefox proxy for localhost port 8080 and the same on Burp. Saw another post with the same problem which mentioned invisible proxies? Couldn't figure it out. Thought I'd start a new thread. Any help ASAP would be great.1 Agent Answer 0 Community AnswerFeb 25, 2015 01:28AM UTC
Set one cookie equal to another in intruder
How do I troubleshoot "failed to connect" messages?
So, I load up Burp Pro, restore defaults (latest versions of burp and JRE), enable the proxy and then in Chrome, with FoxyProxy browse to the site I want to scan/spider. I add said site to scope, and then start spidering. In the alerts tab there will be an increasing number of alerts saying that I failed to connect to the site name, and the same thing happens when I use the scanner. Burp is ...1 Agent Answer 0 Community AnswerFeb 19, 2015 11:53PM UTC
get the count (number of pages ) spider crawled
How can i get the number of pages crawled by the spider1 Agent Answer 0 Community AnswerFeb 19, 2015 09:55AM UTC
Transfer License from one laptop to other
Hi, I have just got a new mac machine in lieu of a windows laptop. I'd my Burp Suite license on the windows machine. How do I transfer it to the Mac? Thanks, Nadeem2 Agent Answers 1 Community AnswerFeb 12, 2015 03:47PM UTC
Can I change the domain name or IP address in stored state?
Hello? I would like to scan actively in domain name B using stored burp state when I scanned passively with domain name A. B would run the same service that A have run. Is this possible? If then, could you let me know how to do it? Thank you.1 Agent Answer 0 Community AnswerFeb 11, 2015 09:57PM UTC
How do I manual add a vulnerability
Using the intruder functionality, i saw the application was vulnerable to a XSS (with a custom payload). Active/Passive Scan doesn't find it. So I have a hit but how can i flag this payload/result with this params as a match within the scanner result (or other place to be able to include this match into the final report) (and of course flag this with a type of XSS vuln and the relevant advi...7 Agent Answers 7 Community AnswersFeb 10, 2015 01:16PM UTC
How do I replace the content of a whole file?
Hi, a web app I am testing is requesting jar files from a web server. I want to replace the jar file the server sends back with a modified version. I can of course intercept the response and manually replace the response content, but this is error prone and takes time. I have certain timing issues that make manually pasting the jar file not an option. So, how do I replace the whole response ...2 Agent Answers 1 Community AnswerFeb 05, 2015 10:18AM UTC
Discover content requests with cookies
Hello, Is it possible to "Discover Content" using valid cookies to test for authenticated pages? I've run several sessions after using the "Discover Content" context menu from a request with a valid cookie, however the cookies do not seem to be used in the brute forcing. Thanks Mark2 Agent Answers 2 Community AnswersFeb 04, 2015 10:53AM UTC
java.net.socket Exception when configuring intruder through Burp Extender API
I am sending multiple HTTP req to intruder with positions marked using sendToIntruder() method in burp Extender API but when I click Launch attack I get java.net.socket in the alerts Tab and no status as 200/400 is coming in the launch attack results box. Can anybody please help in sorting out this1 Agent Answer 0 Community AnswerFeb 03, 2015 10:31AM UTC