How Do I?

Make a new post

  • Configure Burp to pass dynamic authentication token from the past response to the next request

    I would like to reuse an authentication token (which is dynamic) between a response and a request in the intruder module. (By dynamic I mean that the token is invalidated after being sent to the server and that we get a new token in the response.) Here is how the authentication mechanism works: https://i.stack.imgur.com/sdmsg.png Please note that in the request the token is in the b...

    1 Agent Answer    1 Community Answer
    Jul 11, 2019 09:27PM UTC
  • include JWT Token

    How can I include custom headers in burp enterprise. I have several applications that are rest APIs and without JWT in an authorization header you just get 403. So no meaningful scan can be conducted.

    2 Agent Answers    1 Community Answer
    Jul 11, 2019 09:06PM UTC
  • Activation

    Hello I am getting a maximum activation limit error when I am trying to activate the same on the 2nd system. How can i get additional activation?

    1 Agent Answer    0 Community Answer
    Jul 11, 2019 01:33PM UTC
  • Unable to getting API hits of my xamarin iOS app in burp while browser activity is getting record

    I have xamarin iOS and I have done all my configuration in burp as well as in device 1. IOS version 12.3.1 2. Burp Suit professional v2.1 3. Added proxy listeners 4. Added same proxy listeners in my iPad 5. Try with intercept ON and OFF 6. Added certificate 7. Allow full trust in iPad Now when I doing activity on my iOS safari browser then its adding successfully in burp while when ...

    1 Agent Answer    0 Community Answer
    Jul 10, 2019 02:15PM UTC
  • Burp Collaborator

    Hello, I'm trying to setup a private burp collaborator server the only things I have: Kali machine in a VM and burp No internet connection, just a single machine to work with how can I setup the collaborator in this way ? (I've tried multiple threads on the net as well as portswigger's guide but nothing fit to my needs) any suggestions please (btw, I don't need a certi...

    3 Agent Answers    5 Community Answers
    Jul 10, 2019 12:23PM UTC
  • Passive Scans

    Hello I have a question. I attempted to run a live passive crawl. The problem is issues were automatically detected. Is there anyway to turn off this? The reason I ask this is I am testing a site that specifies that I can't use any automatic scanners or tools. Any help would be appreciated. George

    2 Agent Answers    1 Community Answer
    Jul 09, 2019 11:32PM UTC
  • How do I configure a test with customised 3 criteria login details

    How do I configure a test with customised 3 criteria login details. Essentially to login into the application I have to enter an username, a password and my Client name. In your application I can only enter the username and pwd. im not sure what "label" is.

    1 Agent Answer    0 Community Answer
    Jul 05, 2019 11:09AM UTC
  • Insertion Points [x skipped]

    Sorry, but I couldn't find this explained anywhere. When the Scan queue reports "[x skipped]" under Insertion points, what does that mean? Thanks.

    1 Agent Answer    0 Community Answer
    Jul 04, 2019 08:48PM UTC
  • Digest Auth

    How do i configure Digest Authentication proxy?My Browser does not prompt even when Digest Authentication is enabled.

    4 Agent Answers    4 Community Answers
    Jul 04, 2019 04:32PM UTC
  • Can we install Burp Suite Professional version in server

    Can we install Burp Suite Professional version in server

    1 Agent Answer    1 Community Answer
    Jul 02, 2019 09:56AM UTC