How Do I?
Is processHttpMessage thread safe?
Hi Team, I have create a extension that to auto edit MessageInfo with registerHttpListener (using processHttpMessage method.) in processHttpMessage method . I call another class which created by myself, it's responsible for receiving a messageinfo and parse to get header\body\....; but when I run my extension in burp. I found it also get different messageinfo(the hashcode of obje...2 Agent Answers 2 Community AnswersMar 27, 2019 12:42PM UTC
Pausing Scanner on Condition
I was wondering if it was possible to pause the scanner given a certain condition being hit. Basically, if my session is deauthed I want scanner to stop. Is this possible?1 Agent Answer 0 Community AnswerMar 27, 2019 12:39AM UTC
Reference for issue details
The issue details, specifically IScanIssue.getIssueDetail(), allow "[a] limited set of HTML tags": <br> is interpreted as newline and <table>s are formatted correctly. But there is no CSS, <font color=green> does not work, <hr> does not work, <table border=1> does not show a border, etc. I have not been able to find any documentation on this. Is there docume...1 Agent Answer 2 Community AnswersMar 26, 2019 04:08PM UTC
Can you use the cookie jar for crawling site?
Restrict Sites on Burp Enterprise API
We'd like to restrict the sites users can run scans against in Burp Enterprise, and I've configured Groups with site restrictions and have added the sites in folders on the site tree. So basically looks like Group 1 Name (top) - Site 1 - Site 2 Group 2 Name (top) - Site 1 - SIte 2 Yet when I call the API to run the scan using their API key, I constantly get a 401. ...1 Agent Answer 0 Community AnswerMar 25, 2019 06:54PM UTC
Burpsuite Enterprise: Crawling and scoping
Is there any documentation on how crawling/scoping works in Burpsuite Enterprise? We've tried all of the crawl scan configurations along with varying combinations of "Add all links to site map" and/or "Add reqested items to site map" but have been unable to reproduce the same findings found using Burpsuite Pro. It seems the only thing that works is manually adding s...2 Agent Answers 2 Community AnswersMar 25, 2019 02:55PM UTC
Garbled text at end of proxy intercept - no username/pass
Hi, running a proxy on 127.0.0.1 as suggested, I'm getting: POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: close 0Q0O0M0K0I0 + Althou...1 Agent Answer 1 Community AnswerMar 24, 2019 08:54AM UTC
Burp does support firefox version 65.0.1
I am start using burp with firefox version 47 in windows but when i shifted to parrot os. There was already installed firefox 65.0.1 burp is not working there it showed one thing only SSL connection not work. I used every certificate. Force ssl connection but still its not working ?? What can i do ??1 Agent Answer 0 Community AnswerMar 23, 2019 07:11PM UTC
Firewall scan in Burpsuit
Hello, Can we run firewall scan in Burp suit using with IP address? If yes please let me know the procedure. Thank you1 Agent Answer 0 Community AnswerMar 21, 2019 03:20PM UTC
DOM XSS - How to actually inject the source ?
Hello, so, I am struggeling to understand something and I cannot find an answer. If anybody could help me I would be very appreciative. A dynamic analysis of a JS code rendered this Data is read from input.value and passed to element.innerHTML. The source element has id [ID_HERE] and name [NAME_HERE]. The following value was injected into the source: [SOME_OTHER_VALUE_HERE] The p...1 Agent Answer 0 Community AnswerMar 19, 2019 08:16PM UTC