How Do I?

Make a new post

  • Burp suite can able to access/ test the HTTPS sites in burp suite professional?

    Hi I have scanned the https website in burp suite. after running 5 hours also, burp has not shown any issue activity . the suite can perform test on https or not. Regards Srikanth T

    1 Agent Answer    0 Community Answer
    Apr 13, 2019 04:47AM UTC
  • Disappointed

    Your website advertises the following statement "If you pay online using your credit card or PayPal, your order will normally be fulfilled automatically in real time, and you can begin using the software straight away". Is this actually true or is it just there because it sounds good? I have been waiting for hours and I haven't received an email, or anything that would allow me to u...

    3 Agent Answers    2 Community Answers
    Apr 10, 2019 09:37PM UTC
  • Burp Interception does not work for localhost in Chrome

    I can't intercept requests made by Chrome to my localhost site. - Local host site is running on IIS on http://127.0.0.3:80 - Burp proxy lister is default one on 127.0.0.1:8080 - Interception rules are default one as well When Interception is turned ON and I reload page in Chrome browser, no request is "caught" by Burp, my local site loads and only the external requests ar...

    1 Agent Answer    1 Community Answer
    Apr 10, 2019 04:00PM UTC
  • Burp extension action handler

    When I try to configure a Rule , in the invoke a Burp extension action handler in the drop down is see "No actions defined" , I have installled "Token Incrementer" from Extender but cannot see it in Burp extension action handler drop down for Rule or Macro

    1 Agent Answer    0 Community Answer
    Apr 10, 2019 09:54AM UTC
  • Burp Intruder

    I have an Oauth Application if I use Intruder for Cluster Bomb attack on specific page of my application , wanted to check how to run intruder without application session getting timed out if intruder is running for longer duration , is there a provision for Intruder to refresh the session when request gets timed out using expired tokens.

    2 Agent Answers    1 Community Answer
    Apr 10, 2019 06:05AM UTC
  • How to update and remove cookies through Burp API

    I only saw get methods for cookies, there's no set or remove methods.

    2 Agent Answers    1 Community Answer
    Apr 09, 2019 10:40PM UTC
  • Is there a way for intruder to set a payload for the parameter name in a request?

    Is there a way to use intruder to set a parameter name as a payload position as well as the value? I'm trying to iterate through a few parameter names and values to go along with them but it seems like intruder only set payloads for the parameter values. If I'm just not using the right tool inside burp please let me know.

    1 Agent Answer    1 Community Answer
    Apr 09, 2019 05:57PM UTC
  • Running Burp through my iPhone is so slow that most apps timeout

    Is there a workaround for this? It's definitely a hindrance to what I'm trying to do. Understatement. Thanks!

    1 Agent Answer    0 Community Answer
    Apr 08, 2019 11:04PM UTC
  • Burp Ent : Importing URL's from Burp Pro

    I have manually crawled complex application in Burp Pro. I can see all the request/responses in the Proxy's history. Now, how do I import all these URL's (most of them are POST requests) into Burp Ent for repeated scan's ?

    2 Agent Answers    1 Community Answer
    Apr 08, 2019 07:59PM UTC
  • Resolve the url's in the training?

    Hello, After finding a post about the web security training, I have started it. I finished the first lab and completed it. Sadly, the 2nd lab is broken: Firstly, the URL given in the training, https://insecure-website.com/products?category=Gifts is not the one used in the link lower down when you access the lab: https://ac1420c23ef63f8280baebcf.web-security-academy.net/ So onto the 2nd less...

    1 Agent Answer    0 Community Answer
    Apr 08, 2019 06:35PM UTC