How Do I?

Make a new post

  • How do I re-link burp to a /tmp/burpxxxxxxx.tmp/ folder after it crashed

    I had TONS of data in that burp session before Java gave up and cashed. I absolutely need it back.

    3 Agent Answers    2 Community Answers
    Jul 17, 2015 05:19PM UTC
  • 'Interface port 8080 is not running'

    Hi, I am using Burp Suite 1.6 Free Edition. in proxy option and proxy Listeners section my Interface (, Running Check Box is not checked ! how do i?, i click the CheckBox but nothing to show. pls help me pic ->

    2 Agent Answers    1 Community Answer
    Jul 11, 2015 01:41AM UTC
  • Determining number of requests/attacks made

    I am scanning two websites for XSS attacks (or any other test) only One is and other is PHP. Lets say I am testing only URL parameter value and in both the cases there 5 parameters each Question 1: For both the websites, number of attack requests sent will be the same or the number of requests will differ ? (since they have same number of parameters) Question 2: If the number ...

    1 Agent Answer    0 Community Answer
    Jul 10, 2015 01:07PM UTC
  • Handling Multi-Staged Logins for Scan with Burp

    I am trying to automate the login process and validation of successful login via Burp Session Handling/Macros. This login requires an initial POST that includes the username/password, then, in the response to the initial POST, it asks the user to answer one of four different secondary questions (favorite color, city you live in, etc.), which you answer and send back in the second POST to compl...

    4 Agent Answers    4 Community Answers
    Jul 09, 2015 06:23PM UTC
  • changing responses exiting burp

    A thick java application needs gzipped responses, so I'm trying to make an extension that re-gzips HTTP responses going from burp to the application. However I can't find the right callback to register. Both IHttpListener and IProxyListener hook before I can manually edit the response. I want the extension to act after editing (when I click the forward button).

    1 Agent Answer    1 Community Answer
    Jul 09, 2015 09:35AM UTC
  • intercept proxy based applications

    I was trying to intercept an application (Internet Download Manager) requests after I configured it's proxy, I was able to intercept the request, however I don't receive response. could it be a certificate problem? if not, what is it

    3 Agent Answers    2 Community Answers
    Jul 09, 2015 05:40AM UTC
  • How do I manage JSON Web Token auth in Burp?

    So, while doing active scanning and such, what's the best way to handle JSON Web Tokens that expire quickly? Basically when burp receives an auth failure, to run a post request and retrieve the new JWT to place in the header.

    2 Agent Answers    5 Community Answers
    Jul 08, 2015 05:33PM UTC
  • Client certificate using Internet Explorer cert store?

    Greetings, Is it possible for Burp to use the Windows (IE) certificate store? I've got a client whose process requires client certificates, but the IE+applet procedure stores it directly. Trying to export the result for Burp's use does not appear to work. That would indeed be ideal however.

    1 Agent Answer    1 Community Answer
    Jul 07, 2015 04:44PM UTC
  • Clarification on Webservices scanning

    I have some clarifications on web service testing. Question 1: Is burp suite capable of performing testing webservices against all known vulnerabilities associated with web services ? All scanning options present under Active Scanning areas are applicable for web service testing ? or it is limited to subset of those ? Question 2: I browsed a website and it captured a webservice URL (and m...

    4 Agent Answers    3 Community Answers
    Jul 07, 2015 03:07PM UTC
  • Query Parameter in SSL Request, where is this?

    I am validating issues which were previously found. In the URL, the following information is available: GET /cleaned/servlet/ControllerServlet?commandLink=AppPriceReportList.jsp HTTP/1.1 Since the connection is via SSL, I would have expected that Burp would have flagged this as an issue. What happened?

    2 Agent Answers    1 Community Answer
    Jul 06, 2015 05:29PM UTC