How Do I?
How to connect from a remote device to Burp?
Hi I am trying to do MiTM from my mobile phone. I have set up as proxy the computer where Burp is running, but it is not receiving any traffic With any other proxy, as fiddler or Zap, i can see the traffic Do i need to do anything special to accept traffic incoming from an external device? Thanks1 Agent Answer 0 Community AnswerNov 09, 2015 02:26PM UTC
Hello , In most of the scans using Burp for XSS , I can see only HTTP 302 responses for the different XSS payloads, is there a best way to find XSS using Burp for more complex application.6 Agent Answers 5 Community AnswersNov 05, 2015 10:38AM UTC
Three protocols in SSL tab
I am using the pro version of Burp (latest version). I can only see three SSL protocols (SSL v2, SSLv3 and TLS v1). How can I update this and SSL ciphers list?1 Agent Answer 0 Community AnswerNov 03, 2015 07:00AM UTC
Validating XSS manually
XSS validator not working
I am having some issues running the XSS validator on Burp (version 1.6.30). I can load the XSS validator, without any errors. The problem happens under Intruder, after I select the positions / payloads / selecting the generator, and so on. When I hit "Start attack", a window opens, but the attack does not start. It is as if the payloads are not loaded, or the XSS validator is not wor...1 Agent Answer 2 Community AnswersNov 01, 2015 05:16PM UTC
Access Request panel from Intruder | Positions subtab using Swing
I am trying to add intruder request using Jemmy automation. I can find all components under Intruder | Positions subtab except the main request text area. I tried to dump all the compnents and look for the specific area but it looks like there is no way to access the request text box as swing compnent. Could you please help finding the specific compnent?1 Agent Answer 0 Community AnswerOct 27, 2015 11:08PM UTC
Problem with HTTPS
Hello, I can't intercept HTTPS traffic. The burp error is "'The client failed to negotiate an SSL Connection to www.xxxx.xx:443 no cipher suits in common''. I tried with different browsers, I know that with java 6 it works, but I use java 8, can you explain me why it doesn't work in java 8? How can I fix it? Thanks!1 Agent Answer 0 Community AnswerOct 27, 2015 02:00PM UTC
Team, Currently we are able to get report of identified vulnerabilities. But we want to get Clearance Report as well. Like If we have no vulnerabilities identified then We want a Clearance report That No issue identified etc.. or if there are few issues identified then Report should mention That Following are the Vulnerability Identified and alo list all Issues that are Cleared Tha...2 Agent Answers 1 Community AnswerOct 26, 2015 11:20AM UTC
App ignoring system proxy settings?
I've looked at the first 5 pages of this Support Center and the closest I see to my problem is here (http://forum.portswigger.net/thread/1557/burp-displaying-webgoat). If this has been answered, or this is the wrong area to post, I apologize. But I'm beating my head to the desk trying to figure this out. I'm trying to scan a Java-based web app. The proxy is working. I know this ...1 Agent Answer 0 Community AnswerOct 20, 2015 07:25PM UTC
List Burp Proxy Listeners
Greetings, Quick question - how would one obtain a list of every Proxy listener currently configured within Burp using the BurpExtender API? I've tried leveraging the callbacks.getProxyListeners method: https://portswigger.net/burp/extender/api/burp/IBurpExtenderCallbacks.html#getProxyListeners() But as far as I can tell it returns an empty result despite having 127.0.0.1:8080 regis...1 Agent Answer 2 Community AnswersOct 20, 2015 06:28PM UTC