Bug Reports

Report a bug

  • Unable to create projects on a network drive

    Hello, Up just updated to the Burp Suite Professional v2.0.17beta and tried to create a new project located on a network drive. On the first attempt, it stated that the project was corrupt and needed to be repaired. I followed through with this and it was able to 'recreate' the new project. Although there were absolutely no settings setup, not even defaults. Example, there was no pr...

    1 Agent Answer    0 Community Answer
    Feb 22, 2019 12:31AM UTC
  • Connect abort software thrown

    Hai , I receiving connection abort in alert tab while scanning all the target. I could not find the root cause of the issue. Please help me. I even downloaded new version but still not helpful to scan.

    2 Agent Answers    1 Community Answer
    Feb 21, 2019 01:41PM UTC
  • Configured the Burp Proxy. Applications not working thru proxy

    Hi Support, I configured the proxy as per the document in Burp and Mozilla. Applications not working through this proxy. It is just hanging. Kindly suggest.

    4 Agent Answers    3 Community Answers
    Feb 21, 2019 11:01AM UTC
  • Maybe not a bug, xss reported by Burp

    I came across an xss found by the scanner and reported as Certain. test74666'%3balert(1)%2f%2f901vivg94 I was not able to reproduce it manually until I put a ) between the ' and the ; -> %3b. I'm wondering why Burp doesn't report it - so to speak - correctly. Thanks in advance.

    1 Agent Answer    0 Community Answer
    Feb 14, 2019 09:21PM UTC
  • report issue

    How many Types of reports available in burp suite report..? and what are the possible test cases are present in the burp scanning report..?

    1 Agent Answer    0 Community Answer
    Feb 14, 2019 05:07AM UTC
  • Burp suite submitting blank username and passwords when doing an authenticated crawl

    Right now, I get locked out of my account because burp suite is trying to login with blank user names and passwords. I get locked out because it tried multiple times with the same IP. How can I see further into the issue that burp suite is submitting blank user names and passwords?

    4 Agent Answers    4 Community Answers
    Feb 11, 2019 07:57PM UTC
  • Burp text is kind of akward using i3wm and xorg

    Hello, I'm experiencing some really annoying font dpi problems with the application, they are really making the experience with burp unbearable, I am using i3wm and, as you can see on the screenshot, the text is all fuzzy and I didn't manage to fix it yet, I tried changing the font family/size but it didn't fix the problem, here's a screenshot https://imgur.com/a/8F4XwEv ...

    2 Agent Answers    1 Community Answer
    Feb 05, 2019 10:05PM UTC
  • External Service Interaction - Bug Bounty?

    I have found an external service interaction issue on a website that is listed in hacker one, I want to send a report, but, I'm not sure how to come up with a proof of concept to send to them. I have recently reported an external service interaction bug, but the company asked for a poc and I had no idea where to begin. First of all I used burp suite pro active scanning to find the issue an...

    1 Agent Answer    0 Community Answer
    Feb 05, 2019 06:36AM UTC
  • Certificate Error

    Team, I have generated self signed PKCS 12 certificate and uploaded it onto the Burp enterprise webserver using the GUI. However, when I invoke the scan using the CI driver, I receive the following error message. echo "BURP_SCAN_URL = http://demo.testfire.net" | java -jar burp-ci-driver-v1.0.5beta.jar --scan-definition=myscan.json https://10.10.68.34:8080/api/<APIKey> E...

    1 Agent Answer    0 Community Answer
    Feb 01, 2019 01:26AM UTC
  • Burp Collaborator built-in DNS server responds with NOTIMP to CAA requests

    Hello! (tested on v.1.7.37) During renewal of wildcard certificates from Let's Encrypt, there's two DNS-related events: the validation of the ACME challenge (synchronous) and the validation of CAA entries (asynchronous). Burp Collaborator currently supports none of them. Validating the ACME challenge over DNS is doable: temporarily redirecting DNS traffic to another DNS server (dns...

    1 Agent Answer    2 Community Answers
    Jan 28, 2019 11:02PM UTC