How Do I?
Asks for License key every time when I load from Command Prompt
I am using Burp Pro in Windows. In GUI mode, I am able to start 2 or more instances of Burp and able to work with different projects at the same time. But, when I try to do the same in the same machine via Command Prompt, it asks for Licence Key. Kindly advise me on how to proceed with a license key.1 Agent Answer 0 Community AnswerOct 21, 2019 02:09PM UTC
Where can I find Burp User config File?
I need user config file to run Burp from command line. But I could not able to find user.config/.properties file. Kindly state me its location.1 Agent Answer 0 Community AnswerOct 21, 2019 11:02AM UTC
Burp crawl and audit fails against the DVWA.
Hi, I'm using burp's crawl and audit scan to find as many issues in the DVWA as possible. However, the configured "Application login" fails to log in the application and perform an authenticated crawl and scan. The crawl configuration in "Login Functions" has both options checked and "Miscellaneous" configuration has "Submit forms" option checke...1 Agent Answer 3 Community AnswersOct 19, 2019 12:28AM UTC
Hosting Burp Suite Pro Azure and scanning from Azure cloud?
Can we have the feasibility hosting professional edition as an independent option within Azure instance (cloud) , provided we don't violate any licensing T&C of Burp and Azure?1 Agent Answer 0 Community AnswerOct 18, 2019 07:02AM UTC
Hi PortSwigger team, We have an internal test application that we know to have an XSS issue in a pre-authentication login page. The issue was identified by the Burp Pro scanner, but not by the Enterprise Edition. The scan agent versions are the same (2.1.04) and the url is the same for both scans. It looks like the Pro scanner is seeing 11 insertion points (in the audit items tab) ...1 Agent Answer 0 Community AnswerOct 17, 2019 01:30PM UTC
Burp Automated Scan using Macro not spidering all url's
Hello, I am using the Burp API to automate the scans on Burp Suite v1.7.31 After creating a macro, I am supplying credentials and I am able to login later using the macro. However, Burp is only able to spider or crawl the macro url and not spidering or scanning automatically for other url's. The only request as part of my macro is the login request. The scope is intended to scan all ur...2 Agent Answers 1 Community AnswerOct 17, 2019 08:15AM UTC
java version with burp enterprise
How do I upgrade the vulnerable java 9 version bundled with Burp Enterprise?3 Agent Answers 1 Community AnswerOct 16, 2019 04:08AM UTC
Web Credentialed Scanning
I can do a live scan and audit for vulnerabilities; but I cannot seem to have that happen automatically; when I attempt to do an automated scan; it scans the front door landing pages, it does not "see" any login forms. Need a way to actually crawl a massive website1 Agent Answer 0 Community AnswerOct 16, 2019 12:45AM UTC
Problem generating a CSRF PoC
I understand how basic CSRF works and i have reported some csrf issue to some bug bounty programs in the past, but i have encountered this issue that i don't know what to do. I get this little message when trying to generate a CSRF PoC on a POST request without csrf token or headers: > Warning: The CSRF form uses a different encoding type than the original request, and so the applic...1 Agent Answer 0 Community AnswerOct 15, 2019 09:15PM UTC
Exploiting cross-site scripting to steal cookies