How Do I?

Make a new post

  • Basic Auth: 1 Position, but should be two?

    I am following some guides and it says for basic auth to select the hash and then use a colon as thew position seperator/select Base64 etc. I am confused as there should be two positions? For the username list and password list it is one thing I select and they want me to enter two positions? Its https and I have the CA etc. GET /cgi-bin/webif/system-info.sh HTTP/1.1 Host: 192.168.100.10:555...

    1 Agent Answer    0 Community Answer
    Sep 13, 2019 09:12PM UTC
  • Enterprise questions

    We are using a Burp Pro License and exploring the Enterprise edition possibility in our company. I took a look at most of the documentation in the page but I was wondering if there is additional documentation and examples. Among the questions I have: - Is there additional documentation for the REST API and Enterprise documentation interaction and how to apply in the CI/CD pipe? - Is it po...

    1 Agent Answer    0 Community Answer
    Sep 13, 2019 05:47PM UTC
  • Exported certificate mismatch with this from proxy connection

    Hi, I regenerate certificate on burp, restart it, export from burp, import to firefox and passing requests thru burp then I have "MOZILLA_PKIX_ERROR_MITM_DETECTED" where after checking serial number and SHA1 between both certificates (this one from "check certificate" when error occured and this one imported previously) I can see that they are different! What is happening? Im ...

    2 Agent Answers    2 Community Answers
    Sep 13, 2019 10:35AM UTC
  • I have a license key of burp suite professional which is provided by my company.

    I have a license key of burp suite professional which is provided by my company. where can i able to download Burp suite professional software please help me.

    1 Agent Answer    0 Community Answer
    Sep 13, 2019 06:39AM UTC
  • Burp and Zap work together properly

    I been over this few days now and cant figure it out. I am using newsest eddition Kali Linux, updated Firefox and Java. My Firefox proxy set to 127.0.0.1 8090 only then docent give HTTP certificate error, but should be 8080 to match Burp-suite proxy listener. Upstream proxy is set to 127.0.0.1 8090. Zap local proxy is set to 127.0.0.1 8090 and a new certificate is generated and uploaded t...

    1 Agent Answer    0 Community Answer
    Sep 13, 2019 06:05AM UTC
  • How do I perform a completely headless install and execution of Burpsuite Pro on Linux?

    I'm trying to find instructions on how to perform a completely headless install of Burpsuite Pro on a Linux box (CentOS6) and I can find instructions on how to install using the shell script, but when it comes time to connect to the WebUI, a proxy spins up yet I'm not able to connect to the WebUI just yet. I saw a mention regarding an initial GUI wizard that needs to be completed before ...

    1 Agent Answer    0 Community Answer
    Sep 12, 2019 05:38PM UTC
  • Burp Reader - Read time out after 1000ms

    Hello, I am trying to use burp reader to send some POST request to a server. After some time I get an error: {error: reader time out after 1000ms} I am using Burpsuite community edition. Does anybody know if this has anything to do with that. If not, how can I increase the time-out period? I read a post on burp intruder where you mentioned increasing the time-out period from Project options. P...

    1 Agent Answer    0 Community Answer
    Sep 12, 2019 04:40PM UTC
  • Unable to capture http request

    I am trying out Android mobile testing. I have a Windows 64-bit machine on which I have Genymotion emulator installed. Since all the testing tools are available freely in kali/santoku OS, I am using kali linux installed in VirtualBox. I am trying to intercept the http traffic (using burp) from one of the Android applications installed in Genymotion. The scenario however errors out and I am shown w...

    1 Agent Answer    0 Community Answer
    Sep 11, 2019 07:06AM UTC
  • Login on website Scan

    I was trying out the website scan functionality and I entered the login credentials for a site. I then entered all the other data and started the crawl and audit. When it was on the Account\Login page it did not appear to ever pass the login credentials to the site. IT scanned all the it could bu never was able to see any of the pages that require the user to login. How does it know that it ne...

    1 Agent Answer    0 Community Answer
    Sep 10, 2019 05:31PM UTC
  • proxy for local sites

    I have a number of test sites that I would like to run burp against. When I set firefox to use Burp as a proxy and then enter the url which is on out test server the request never gets returns the site. It works fine with out pointing to the proxy in firefox. Is there a special setting I need to do to be able to use Burp. It works if I point to the production server. But those are access with...

    1 Agent Answer    0 Community Answer
    Sep 10, 2019 05:25PM UTC