How Do I?
want to deactivate burp suit on client machine.
Hi, I want to deactivate burp suit on the Client machine from the portal. Is this possible? Kindly help. Thanks & Regards Gunjan1 Agent Answer 0 Community AnswerMar 15, 2018 06:35PM UTC
Transparent proxy to intercept pgsql
Hi, how can i intercept pgsql traffic (client software <-> pgsql server) with burp? I tried this: - Burp Proxy Listener <IP>:8080, Invisible: check bind to specific address <my IP> - arpspoofing (because systemwide proxy does not work) - iptables -t nat -A PREROUTING -p tcp --destination-port 5432 -j REDIRECT --to-port 8080 - Port forwarding is 1 Intercepting http a...1 Agent Answer 0 Community AnswerMar 14, 2018 10:47AM UTC
The client failed to negotiate an SSL connection to xxx.xxx:443: Received fatal alert: unknown_ca
I able to see all the traffic but I still this alert almost per request sent1 Agent Answer 1 Community AnswerMar 13, 2018 03:59AM UTC
Security assessment of few REST APIs using BurpSuite Pro
I need to do security assessment of few REST APIs and I have BurpSuite Pro tool. 1. If I setup the burp proxy on browser to capture all request / response and scan, is BurpSuite Pro capable of identifying the vulnerabilities in REST APIs? 2. Is scanning similar to web applications? OR are there any other settings do need to do to discover vulnerabilities in REST APIs?1 Agent Answer 0 Community AnswerMar 07, 2018 11:31AM UTC
testing an iPad application that uses Mobile Iron Tunnel VPN software
HI, Just wondering has anyone any security experience of testing iPad applications which use VPN Tunnel functionality on an iPad? What should I check? how I can intercept traffic using the VPN? Im looking to test to see if the login is secure. Thanks,1 Agent Answer 1 Community AnswerMar 06, 2018 03:28PM UTC
Remove URLs from Running "Active Scan".
How can I remove or exclude the URLs from the running "Active Scan". If it is not there, it would be appreciated to add.1 Agent Answer 0 Community AnswerMar 06, 2018 11:24AM UTC
How do I disable ALL checks on the new scanner?
I need for example to check only for ONE vulnerability. How do I do that in your new scanner?1 Agent Answer 2 Community AnswersMar 01, 2018 07:45PM UTC
Burp Scanner Unique Param Validation
How do you deal with forms that require a unique param value in Burp Scanner? For example, registration forms require a unique email address to pass validation. Burp submits the form, fuzzing 1 param at a time. The same email address will be submitted over and over, until the email address param is fuzzed. Leaving all other params untested. How to make the email address unique with every ...2 Community AnswersMar 01, 2018 12:02PM UTC
Import Client SSL Certificates (.CER files)
I was trying to load a .CER file into the Client SSL section for the proxy server, however it says it requires a password. Is there any way around this? I tried the Openssl method of setting a custom password except there doesn't seem to be any documentation of .CER files. I'm trying to access a company site that requires a certain certificate and hardware token. The hardware token works...1 Agent Answer 0 Community AnswerMar 01, 2018 07:06AM UTC
Trouble with configuring Burp with Firefox
Hi Team/Friends, I am having a bit of trouble setting up Burp with Firefox. I change the network setting of Firefox to 127.0.0.1:8080 and in burp the settings are normal. If I turn the intercept on, burp start to intercept the get method for /sync of Firefox on http://127.0.0.1:9614. I wanted to prevent that as I waste a lot of time to forward these request and get to the actual intercept. The ...1 Agent Answer 0 Community AnswerFeb 28, 2018 02:38PM UTC