How Do I?
How to change the Authorization header in scanner rule?
I'm attempting to perform an active scan on a few requests that don't have the current authorization header. Every response in the logger++ output shows a 401 unauthorized because each scanner request is using an invalid auth header. I've looked at the rules creation wizard in the project options -> sessions tab, but it only allows you to modify cookies or parameters, not header ...1 Agent Answer 0 Community AnswerAug 17, 2017 06:17PM UTC
Configure Burp to recoginze traffic from a Visual Studio debug (Start)
When I start up my application from Visual Studio and I hit "Intercept is on" in Burp, it doesn't seem to see what is happening in the web application. Any help on how to do this?1 Agent Answer 0 Community AnswerAug 16, 2017 08:48PM UTC
Include Intruder in project/state file?
Is there a way to include the Intruder tool in the auto-saved project files, or in a state file? I know I can export each Intruder attack separately, but I'd love to not have to remember to do that manually at the end of the day...1 Agent Answer 1 Community AnswerAug 11, 2017 01:55PM UTC
More info on "Identify Backend Parameters"
During a scan I have found an endpoint with the issue "Interesting input handling: Backend Parameter Injection". In the advisory there is the suggestion to click on the "Identify Backend Parameters" entry of the context menu. I did that, but I got no feedback: where should I look for any result and or progress? Do I have to leave some window open? Can you please give me more ...1 Agent Answer 1 Community AnswerAug 11, 2017 08:10AM UTC
Installing Burp-suite in Ubuntu 16.04 LtS
How do I install burpsuite in Ubuntu 16.04 LTS , is there any .deb package available?1 Agent Answer 0 Community AnswerAug 09, 2017 02:46PM UTC
Does anyone have experience testing endpoints that expect BSON content? Is it possible to implement a plugin that encodes the Active Scan payloads as to be able to stress these endpoints from Burp Pro? Thanks in advance.1 Agent Answer 0 Community AnswerAug 09, 2017 02:47AM UTC
Intercepting iOS traffic
Burp is giving unkonown certificate errror while intercepting traffic for an ios app which is on https. The certificate has been added the trusted profiles and also app doesn't use certificate pinning .1 Agent Answer 1 Community AnswerAug 08, 2017 11:39AM UTC
Target Scope scan
Good Day May I ask, how can I manually initiate a scan using the Target scope What I have is txt file with urls that has been loaded onto the Target Scope but I'm not sure how the scan is started Thank you Jabu1 Agent Answer 0 Community AnswerAug 07, 2017 08:43AM UTC
Find the actively scan defined insertion points
How do I find which parameter I selected on "actively scan defined insertion points" feature in the context menu of the Intruder? If you go to Scanner tab there will be an item there but no information at all which parameter is been select for scanning. My suggestion is to highlight the parameter(s) on the "Base request" under "Show details" screen. Thanks! Rica...1 Agent Answer 0 Community AnswerAug 05, 2017 08:46PM UTC
Do not want to manually forward each request
Hi, I am trying to leverage Burp proxy to obtain the API calls in our custom web application. I have a series of automated tests that I would like to run while Burp is running to obtain a list of the POST APIs with their data. Right now I am having to click the forward button for every request. Is there a way to just automatically forward the requests?1 Agent Answer 0 Community AnswerAug 04, 2017 12:50PM UTC