How Do I?
Automatically accept agent
Hi, I am trying to silent install the agents (this works), but now I have run into two issues: 1) I have to manually authorize an agent in the enterprise/webserver. 2) The agent is names 'new agent x'; Is there a way I can do both of these automatically: Authorize an agent and have the agent name be the hostname?1 Agent Answer 0 Community AnswerOct 08, 2019 06:35AM UTC
Problem in Exploiting HTTP request smuggling to capture other users' requests, victim not reque...
I am perfectly able to capture requests and get them shown as comment, but the victim this lab is talking about is not making any request. I have tried making the same post request at different throttles multiple times but still never caught that victim's request. Either the lab is broken or something or I am on wrong path Please tell me what i am missing here1 Agent Answer 1 Community AnswerOct 08, 2019 02:26AM UTC
new scan and task dif
may I know the difference between new scan and new live task? in the new scan//scan configuration/crawling/login functions, there are only two checkbox(1) attempt to self-register (2) trigger login failures, where to input credentials?1 Agent Answer 1 Community AnswerOct 08, 2019 02:11AM UTC
Status "Errors: Unknown"
This is my first time running Burp. Our version is Burp Pro 2.1.04. I have followed the installation tutorials and configure it on windows server 2012 R2 with firefox. Firefox is successfully using burp as the proxy. During our first scan, the crawl phase finishes with 6000+ requests and 67 locations scanned. The Audit phase then pauses with too many consecutive errors. I can resume the scan to co...1 Agent Answer 0 Community AnswerOct 04, 2019 02:59PM UTC
Initiating scans through API
Hi, Every scan initiated via Burp's API initiates a crawling and auditing stage. It is possible to pre-configure an audit configuration and use it for the scan. However, I don't see an option to do that for a crawling configuration, or even to initiate a scan without the crawling stage altogether. Can you please confirm if it is/isn't possible to do that in a Pro version? If not,...2 Agent Answers 1 Community AnswerOct 04, 2019 08:15AM UTC
OWASP and issue
in burp pro version, we have find many issue : , but in the advisory tab, there is no OWASP 2017 category (for example A1: injection, A2: broken authen)mentioned, so how to find OWASP category in burp? I have around 20 issues2 Agent Answers 1 Community AnswerOct 04, 2019 04:02AM UTC
authent scan and un-authent scan in one project file
we need to scan www.zzz.com(unauthen scan) and www.zzz.com/abc(authent scan), i'm given credentials under www.zzz.com/abc in user options/platform authen, I configure user credentials basic authen for www.zzz.com(host), but after scan, in dashboard, it shows unauthen scan, so how to do authent scan for /abc and unauthen scan for www.zzz.com in one project file? thanks1 Agent Answer 0 Community AnswerOct 03, 2019 02:55AM UTC
How do I check my team's license usage. I am new to Burp. Thanks, Jay2 Agent Answers 0 Community AnswerOct 02, 2019 09:28PM UTC
Burp Enterprise Questions
-In Burp enterprise is there any other way to extract a more detailed report besides the HTML Scan summary report obtained like with the one of Burp Pro? -Regarding scanning capabilities :Which are the differences if any from enterprise and pro versions?. will the find the same vulnerabilities if just running the audit functions? - Is there a way to retest vulnerabilities found in pro and im...3 Agent Answers 2 Community AnswersOct 02, 2019 05:20PM UTC
How to setup Burp to intercept a client apps?
I have a .exe client installer and I am wondering whether I can use Burp to intercept the traffic of this client application after I install it on my laptop? If yes, how can I do that?1 Agent Answer 0 Community AnswerOct 02, 2019 02:19AM UTC