Burp Suite User Forum
Hi, I am beginner in sec and I was doing the first lab: https://portswigger.net/web-security/file-path-traversal/lab-simple and I tried to get /etc/shadow, but file not found. Is it intentionally prevented to be found or...
Hi everyone, I'm stuck! I looked online and nothing works. What I would simply like to do is start my python program from shell which connects to browser localhost 127.0.0.1:8080 from code and use burp to try to find...
Hi team, Our team is using the CI-driven scan feature of the Enterprise Edition integrating Jenkins and we are currently facing "Unrecognised field in config file section: platformAuthentication" when we try to perform...
I have been trying to scan some of CTF challenges but whenever I try to use chrome in Burpsuit to scan, I get this message: "Error Unsupported or unrecognized SSL message" I've tried to import the CA certificate in...
Hi! This might be a basic question, but I recently saved a bunch of requests and I would like to load them back into the repeater for example or just otherwise be able to share them in a human readable format with the...
hello portswigger team reset my progress of api testing
Hi, This following lab doesn't work as expected. https://portswigger.net/web-security/web-cache-poisoning/exploiting-implementation-flaws/lab-web-cache-poisoning-unkeyed-query In this lab the response is expected to...
In FE Fundinfo, we utilize both the Professional and Enterprise editions. However, we are currently experiencing challenges in the Enterprise edition regarding the inclusion of URLs with query parameters for scanning. Could...
Hello there, If possible, can I have activations for my license reset? Thank you, Hasnain
How i resrt all my labs and progress to solve them again ?
Hi team, I am trying to figure out an automated way to disable auto update feature while installing Burp enterprise. Is there an api to do that or some flag we can turn on or off just after installation ?
Hi, I am learning mobile pentesting. Using Genymotion: v3.6.0 Burp Professional: v2024.2.1.3 Vulnerable apk: InsecureBankV2 Issue: After doing all the configuration, I am able to intercept the request but unable to...
Hello Support, I was trying the "Lab: Basic clickjacking with CSRF token protection" but I tried to intercept server response and changed the post for change email with delete account. Now I'm unable to login using the...
Greetings, I tried to start the BSCP this weekend, but turned out it's not working properly, after clicking on start the exam in Portswigger and being redirected to Examity, I can't start the exam as Examity says that...
Need to use an application that utilises an authentication via a certificate (mutual TLS). I have looked an importing this on the burp tool but not had any success. The easiest option for me is to configure the browser's...
How to reset all the learning progress back to zero ?
Is there any way I can limit the scanner payload If I know exactly which technology is used at the backend? For example: If I know the server uses Only PHP and MySQL (Ignore the case the data is sent to other systems with...
Error content:Failed to create Burp project:Cannot invoke "java.nio.file.Path.resolve(String)"because"<local1>" is null. This error occurs in the version Burp Suite Professional v2024.2.1.3(stable).But Burp Suite...
How do I get my license key
Hi, -I have no problem using burp on http/https website on my firefox browser using foxyproxy. -I have no problem using burp to reach http/https website on the INTERNET with the chromium Burp browser. -As soon as I use...
Page 1 of 311
Your source for help and advice on all things Burp-related.