How Do I?

Make a new post

  • Burp 2.0 Crawl Form submission

    I am using Crawl with Bup Suite 2.0. In Burp Suite 1.0, there was a “Form Submission” item in Spider, and “Prompt for guidance” could be selected. Is it possible to make similar settings in Crawl of Bup Suite 2.0?

    1 Agent Answer    0 Community Answer
    Nov 01, 2019 07:00AM UTC
  • Burp Suite Automation

    I am trying to automate an API scan using Burp Suite Pro. I am planning to Initiate scans through the REST API and fetch the report through headless burp, as API returns a JSON response, and I need a user friendly HTML report. How do I go about to do that? Are there any easier approaches? And how to I automate authentication via Bearer token through an external link and add the token to the reques...

    1 Agent Answer    0 Community Answer
    Oct 31, 2019 06:10AM UTC
  • Ip rotate

    I'm on macbook and I try several time to install ip rotate on macos I already install the jython for the environnement my question is do someone is mind to help me with that because I always got a problem with the installation I'm willing to pay. Please let me know or send me a message

    1 Agent Answer    0 Community Answer
    Oct 30, 2019 10:25PM UTC
  • Do you have any cloud formation scripts

    hi PortSwigger, Do you have any cloud formation scripts to install the enterprise server and the agents, say all in one machine (or more?) Thanks, --Jyothsna

    1 Agent Answer    0 Community Answer
    Oct 30, 2019 08:57PM UTC
  • Irotate

    I try to install the on my macos it say that sun.reflect.DelegatingMethodAccessorImpl.invoke( at java.lang.reflect.Method.invoke( at burp.uue.<init>(Unknown Source) at Source) at Source) at I would like to have if theres a way to fix th...

    1 Agent Answer    0 Community Answer
    Oct 30, 2019 07:52PM UTC
  • Got strucked.. Cant know what to do

    Hello guys... I'm using burp suite for the first month it works perfectly later i stopped using this for a while due to my studies and extra works... Now when i'm using now it doesn't works as usual and it shows message: "The client failed to negotiate an SSL connection to Received fatal error: decrypt_error" Since morning i'm searching the s...

    4 Agent Answers    3 Community Answers
    Oct 30, 2019 11:17AM UTC
  • How do i can use SiteMap and Macros from Professional in Enterprise version

    I build SiteMap with macros and rules to scan application - and it works well. But in Enterprise version i can't even import my SiteMap (as crawling works bad, it can't even found any post methods, i will be silent about ajax). It's possible to setup Enterprise like in my Pro version?

    4 Agent Answers    5 Community Answers
    Oct 29, 2019 12:19PM UTC
  • Burp Pro 2.1.04 - Cannot Audit JavaScript Application After Manual Crawl

    Situation: Currently I'm performing a security assessment of a webapp hosted on a windows server that uses angular.js as its web framework. To be able to crawl the webapp manually (after some research I figured out this is required for JS apps since Burp does not currently have this feature) I have to disable the Burp proxy within the web browser, then navigate to the URL being tested, in w...

    2 Agent Answers    1 Community Answer
    Oct 24, 2019 07:17PM UTC
  • BurpSuite Enterprise and Jenkins

    When using Jenkins to build with BurpSuite Enterprise, the following error gets produced: " java.lang.IllegalArgumentException: Must provide a certificate in PEM format". What certificate is it referring to, is this the API key to login with the service account or something else?

    2 Agent Answers    1 Community Answer
    Oct 24, 2019 04:38PM UTC
  • http request summgging and CORS poc

    By checking from the website, there are one article refered to http request smugging and another article for CORs exploit. these two articles are quite theoritic but in order to test and proof of concept in Burp, is there any way ?

    1 Agent Answer    0 Community Answer
    Oct 24, 2019 03:34AM UTC