How Do I?
manage authentication of application which is using JWT authentication method.
I am strruggling with application which is using JWT for authentication, its keep on prompting for authentication failure. Can you provide complete manual to handle the situation.0 Community AnswerFeb 27, 2018 11:57AM UTC
Don't allow Set-Cookie to add cookies to Requests
Hi, I have a scenario and only discovered when using Logger++. When using the Burp scanner, the response will give a 400 straight away because the HTTP request is too large (Multiple Cookies). The repeater works multiple times with 200 response but for some reason the Scanner gets hit with the 400 response and the HTTP requests has bunch of cookies. Can I force the Scanner to use just the or...1 Agent Answer 0 Community AnswerFeb 26, 2018 04:03PM UTC
How do i SAVE the ongoing Scan?
Hi all, I've noticed the Burpsuite is discouraging the usage of the "Legacy State" files. But then when i tried to use "Project State" files instead, my previously ONGOING scan states aren't resumed anymore. In fact the whole thing becomes empty. What is the best advised way to SAVE the current ongoing state of the scan please? Thanks all. Regards, Arkar1 Agent Answer 0 Community AnswerFeb 26, 2018 10:44AM UTC
Information ------------------------------------------------------------ Version : Burp 1.7.32 (Professional) Burp Proxy Server : Kali Linux Certificate : Android Device 7.0 (Nougat) Issue ---------------------------------------- NET::ERR_CERT_VALIDITY_TOO_LONG Tested using chrome, if using firefox it cannot open the URL in secure protocol. when using normal protocol / HTTP it'...2 Agent Answers 1 Community AnswerFeb 23, 2018 07:55AM UTC
I've been trying to set up the burp suite, but no matter what I do it always gives error. I open the browser and say that my connection has been interrupted or my browser is not authorized to use the proxy, it always asks me to remove this proxy from my machine. I've done everything, I took the firewall, enabled the proy settings all as the instructions ask, I've already downloaded ...1 Agent Answer 0 Community AnswerFeb 23, 2018 01:33AM UTC
Can I customize the information stored in the project file?
Hi there! I have created 2 macros that have registered about 5 items. By a session handling rules, I have run one macro before scanning and another macros running after scanning. Then, the project file have become very large capacity. (When the scan status was 5%, the project file was about 120 GB.) [Question 1] Can I customize the information stored in the project file ? [Question ...2 Agent Answers 1 Community AnswerFeb 22, 2018 07:31AM UTC
I have a problem and I hope you can assist me. My burp suite can successfully intercept both http/https originated from my browser (CA already installed) but whenever I try an arpspoof attack it doesn't intercept anything although I can see it in Wireshark for instance. Furthermore, I am getting error in the Alert tab saying that "the client failed to negotiate an SSL connection to.....1 Agent Answer 0 Community AnswerFeb 20, 2018 10:57AM UTC
Dropping requests to specific domains or hostnames without the Out-of-scope feature
I have a handful of hostnames / domains that I want requests to those domains dropped. Most of the requests are automated in nature e.g. browser requests to ^detectportal\.firefox\.com$ or ^apis\.google\.com$, hence, they are relentless. Is there a 'clean' way to make Burp drop requests to these domains so they never get completed? My current way of doing this is not too elegant...2 Agent Answers 1 Community AnswerFeb 20, 2018 04:43AM UTC
Intercepting Android version 8.1 HTTPS Traffic
Hi there, I have a rooted Nexus 5x (Magisk rooted) with Android 8.1 installed. I have been trying to intercept traffic with Burp but I'm running into problems that I have never had before. There are only a few HTTPS requests that I can seem to intercept. Both in FireFox and Chrome, I get a "certificate untrusted" error in one form or another and I can't connect to HTTPS w...1 Agent Answer 0 Community AnswerFeb 19, 2018 12:57AM UTC
burp web interface
I am fresh new burp user, and already completed some of courses but now I cannot reach the burp web interface. Currently burp is working well but when I type http://burp it automatically sends me to tomcat it works page, not the burp page. Thanks and best regards.1 Agent Answer 0 Community AnswerFeb 18, 2018 08:57PM UTC