How Do I?

Make a new post

  • Migrating from Burp Suite professional v1.7.37 to 2.1.x

    Our teams are currently using Burp Suite professional v1.7.37. As part of nightly automation workflow, we starts up Burp from commadline and pass pre-configured settings (user settings and project settings) e.g. using --config-file, --user-config-file argument. These settings sets type of active scan we need to perform (to optimize scan time). For us to determine effort to start using v2.x to...

    1 Agent Answer    0 Community Answer
    Nov 26, 2019 02:16AM UTC
  • Scan POST Parameter with REST API

    Hi, I am currently testing the REST API of the Burpsuite Pro and trying to scan POST parameters. The scan starts but only the GET requests to the URL I entered in the scope are scanned. The POST request with parameters is in the Traget list. What do I have to set to scan the POST parameters as well? Greetz Tobi

    1 Agent Answer    0 Community Answer
    Nov 25, 2019 08:57PM UTC
  • [Information Required] Number of follow-up passes performed on completion of each audit phase

    Hi, I was wondering if anyone could help me with the "number of follow-up passes that are performed on completion of each audit phase" option configured in the Built-in Scan configuration (e.g. Audit Coverage-thorough, Audit coverage - maximum etc) of Burp 2.0 or how to find it myself. Whenever i configure an audit and add new URLs to the audit i observe that burp scans the URLs which i...

    1 Agent Answer    0 Community Answer
    Nov 25, 2019 06:26AM UTC
  • Burp 2 - v2.1.06 - Scan / Crawl sends four times the same HTTP request for each entry

    Hello, While doing a scan / crawl of a website, I noticed that Burp 2 makes 4x time the same HTTP requests for each crawl action. for instance it will query /robots.txt four times, this happens also when setting the thread pool to use max one concurrent connection Sample screenshot is available here :

    0 Community Answer
    Nov 23, 2019 07:00AM UTC
  • Burp Infiltrator newer Java support

    According to the documentation, Burp Infiltrator supports Java versions up to 1.8. Is that correct? If so, will it support higher Java versions in the future?

    2 Agent Answers    1 Community Answer
    Nov 22, 2019 12:35PM UTC
  • Get a list of Scanned URLs

    Hi, I have two questions. Is it possible to get a list of scanned URLs ? Is it possible to send a notification after the scan complete? (e.g. send mail or call api for webhook) Regards,

    3 Agent Answers    2 Community Answers
    Nov 20, 2019 10:38AM UTC
  • No Response to my request for BurpSuite Professional Trial

    I sent request for Free Trial BurpSuite Professional on 12th November, but I got no response. Was my request rejected?

    3 Agent Answers    4 Community Answers
    Nov 20, 2019 07:06AM UTC
  • Can we use Burp Tool for testing "netty socket server"

    We have an application which is send request and give response if it's valid which use netty socket server to do this. My organization is doing R&D weather we can use 'BURP Tool' for atchiving this can you please provide step by step process or any video will be fine.

    1 Agent Answer    0 Community Answer
    Nov 19, 2019 02:17PM UTC
  • Associate license with DNS server name instead of localhost

    My license file appears to be affixed to localhost:8080 . How can I associate it with the DNS url ?

    1 Agent Answer    0 Community Answer
    Nov 18, 2019 07:37PM UTC
  • Scan Status

    What are the different status of scan in burp ? Out of my 100 urls, to some of the urls i get the status as DONE and for others i get as request timed out. Should i expect the status as DONE for all the URl i produce to burp ? Does request time out mean scan has not completed for those uri ? What actually it mean. For one particular url for which the status is request timed out, i see there ar...

    1 Agent Answer    0 Community Answer
    Nov 18, 2019 05:20AM UTC