How Do I?
How to test Cross Site
We have bought Burpsuite professional edition .Kindly let us know how to test cross site in our Application. In your tool it is not detecting Cross site in our application but other tool are detecting .Please tell us proper way to test for cross site.1 Agent Answer 0 Community AnswerAug 02, 2017 08:33AM UTC
Burp Collaborator Results & Errors
Hi all, I was checking this one app, where, while using Collaborator feature, I noticed a seemingly inconsistent behavior. The app is protected by Cloudflare, and it is possible that WAF is also in use. I am using Burp's public collaborator server, and the Collaborator Everywhere extension. One of the scans was able to confirm External service interaction (DNS & HTTP) finding. The r...1 Agent Answer 0 Community AnswerAug 02, 2017 01:59AM UTC
scanning executable files
Hello, I am looking for help on scanning a exe file that is on a website we are hosting. It always takes a long time to scan it and never finds anything. There is no errors message or timeouts. I try to find a way to scan this item better, I was not able to find anything. If I have miss something in forum please let me know. Rest of the website when I scan does great.2 Agent Answers 2 Community AnswersJul 31, 2017 04:28PM UTC
More info on "External service interaction (DNS)"
While reviewing a web application, I got the "External service interaction (DNS)" issue. I googled for it and I got a grasp on what it could be possibly be, but I'd wish to have some suggestions on how to create a valid POC for this issue. In the vulnerable header I tried to put my own server IP, while observing the log of all the incoming requests. Sadly nothing showed up. Am I ...1 Agent Answer 0 Community AnswerJul 31, 2017 03:07PM UTC
Why the content discovery always check the .gif file?
When I use the content discovery,I found this will genered a ton of task to check .gif filetype?maybe I missed some setting? Queued Tasks Path /Tasks /requests /xx/xx/images/ Test numeric variants on xx_f_040.gif 4 /xx/xx/images/ Test extension extension on xx_f_040.gif 9 /xx/xx/images/ Test extension extension on left_img_study.OLD1 Agent Answer 0 Community AnswerJul 31, 2017 09:24AM UTC
Getting err_cert_authority_invalid after following the instruction to configure in Android
Hi, I am getting the error: err_cert_authority_invalid after i installing cacert in Android device. I follow the step that is available here and still getting this error. Please help. Thank you!1 Agent Answer 0 Community AnswerJul 31, 2017 05:44AM UTC
Burp Proxy and Microsoft Office Plugin?
Trying to test a new app we're developing which has a plugin for Office that is a browser that allows for a template like builder pulling data from auth'd server. Tyring to figure out how to proxy that plugin w/in MS Office to test/validate traffic back to our server from client.1 Agent Answer 0 Community AnswerJul 28, 2017 09:08PM UTC
Remove entries from "Open existing project"
Hello, how can I delete entries from Burp's "Open existing project" list without deleting or moving the burp files? Where does Burp maintain the list of existing projects? Thanks1 Agent Answer 0 Community AnswerJul 24, 2017 09:13AM UTC
Anti-CSRF Token Update/Burp Macro
Hello, I have been testing out the macro functionality of Burp in order to update anti-CSRF tokens on requests. I'm having issues because when I record and test the macro, everything works fine and as intended but after I configure the session handling rules, the token never updates. I primarily am testing this using Intruder because the scanner is a little more difficult to identify defin...1 Community AnswerJul 21, 2017 04:45PM UTC
Whatsapp and twitter MITM
Dears, Can anyone please assist why cant i intercept Whatsapp or twitter packets from mobile device even after installing the burp certificate and unpinned the app.2 Agent Answers 1 Community AnswerJul 20, 2017 09:30AM UTC