How Do I?
Intercepting iOS traffic
Burp is giving unkonown certificate errror while intercepting traffic for an ios app which is on https. The certificate has been added the trusted profiles and also app doesn't use certificate pinning .1 Agent Answer 1 Community AnswerAug 08, 2017 11:39AM UTC
Target Scope scan
Good Day May I ask, how can I manually initiate a scan using the Target scope What I have is txt file with urls that has been loaded onto the Target Scope but I'm not sure how the scan is started Thank you Jabu1 Agent Answer 0 Community AnswerAug 07, 2017 08:43AM UTC
Find the actively scan defined insertion points
How do I find which parameter I selected on "actively scan defined insertion points" feature in the context menu of the Intruder? If you go to Scanner tab there will be an item there but no information at all which parameter is been select for scanning. My suggestion is to highlight the parameter(s) on the "Base request" under "Show details" screen. Thanks! Rica...1 Agent Answer 0 Community AnswerAug 05, 2017 08:46PM UTC
Do not want to manually forward each request
Hi, I am trying to leverage Burp proxy to obtain the API calls in our custom web application. I have a series of automated tests that I would like to run while Burp is running to obtain a list of the POST APIs with their data. Right now I am having to click the forward button for every request. Is there a way to just automatically forward the requests?1 Agent Answer 0 Community AnswerAug 04, 2017 12:50PM UTC
Burp appears not to be working with HTTPS
I have been through every guide on this site. installed and reinstalled certificates. configured burp and browser to work together to generate certificate. checked all settings installed, un-installed and re-installed burp, foxyproxy and updated java to 1.8.0_144. And even written this message twice, to ensure I am not missing something. I am at a total loss now. I most frequently...1 Community AnswerAug 03, 2017 12:02AM UTC
How to test Cross Site
We have bought Burpsuite professional edition .Kindly let us know how to test cross site in our Application. In your tool it is not detecting Cross site in our application but other tool are detecting .Please tell us proper way to test for cross site.1 Agent Answer 0 Community AnswerAug 02, 2017 08:33AM UTC
Burp Collaborator Results & Errors
Hi all, I was checking this one app, where, while using Collaborator feature, I noticed a seemingly inconsistent behavior. The app is protected by Cloudflare, and it is possible that WAF is also in use. I am using Burp's public collaborator server, and the Collaborator Everywhere extension. One of the scans was able to confirm External service interaction (DNS & HTTP) finding. The r...1 Agent Answer 0 Community AnswerAug 02, 2017 01:59AM UTC
scanning executable files
Hello, I am looking for help on scanning a exe file that is on a website we are hosting. It always takes a long time to scan it and never finds anything. There is no errors message or timeouts. I try to find a way to scan this item better, I was not able to find anything. If I have miss something in forum please let me know. Rest of the website when I scan does great.2 Agent Answers 2 Community AnswersJul 31, 2017 04:28PM UTC
More info on "External service interaction (DNS)"
While reviewing a web application, I got the "External service interaction (DNS)" issue. I googled for it and I got a grasp on what it could be possibly be, but I'd wish to have some suggestions on how to create a valid POC for this issue. In the vulnerable header I tried to put my own server IP, while observing the log of all the incoming requests. Sadly nothing showed up. Am I ...2 Agent Answers 1 Community AnswerJul 31, 2017 03:07PM UTC
Why the content discovery always check the .gif file?
When I use the content discovery,I found this will genered a ton of task to check .gif filetype?maybe I missed some setting? Queued Tasks Path /Tasks /requests /xx/xx/images/ Test numeric variants on xx_f_040.gif 4 /xx/xx/images/ Test extension extension on xx_f_040.gif 9 /xx/xx/images/ Test extension extension on left_img_study.OLD1 Agent Answer 0 Community AnswerJul 31, 2017 09:24AM UTC