HTML formatter indents incorrectly
The formatter thinks "<base>" need a close tag, but actually "base" is an empty element, as explained in https://developer.mozilla.org/en-US/docs/Web/HTML/Element/base clearly. Everything under "<base>" should not have indented.1 Agent Answer 0 Community AnswerApr 24, 2018 08:57PM UTC
NTLM Authentication Issues in 1.7.33
Our Red Team discovered a bug in webapps that utilize NTLM authentication. The NTLM auth requests were not being properly sent from Burpsuite 1.7.33 and access was consistently denied with working credentials. Taking Burp out of the chain resulted in successful authentication in Chrome, Explorer, or Firefox. The NTLM authentication was found to be working with Zap as the intercepting proxy too.1 Agent Answer 0 Community AnswerApr 23, 2018 03:13PM UTC
Huge project files when scanning
Hi, I'm using Burp Pro 1.7.33 and I noticed that the scanner is generating huge amounts of project data with no apparent reason. I'm talking about 1GB per minute more or less for a single scan which has the Burp Collaborator disabled. My scan generated around 3000 requests and the project file went from 30MB to 12GB. Is there a reason for the huge disk space increase? What's cu...4 Agent Answers 3 Community AnswersApr 16, 2018 04:28PM UTC
Scanner Cookies Error
Hi, I'm using Burp Professional 1.7.33. MacOS ver. Burp suite logged the first cookies for Scanner. I logout from website and I sign in with different membership. After I'm using Scanner. But cookies not true, because payloads have first cookies. So, scanner not working true. I'm sorry for my bad English. Thanks :)1 Agent Answer 0 Community AnswerApr 11, 2018 04:56PM UTC
Does Burp try to send unsent files.
A server team is reporting that it is still receiving attack strings and file upload attacks from my scan even though I stopped scanning more than one week ago. Is it possible that Burp (or my OS) is still trying to send unsent attacks when I open it back up? Does it have a queue of unsent attacks that would go out even though scanner is paused? This particular scan was very resource intensiv...1 Agent Answer 0 Community AnswerApr 06, 2018 05:43PM UTC
Hi Team, I get this error message while running Burp Suite spider & scanner against multiple post request using asp.x application which are using xrftoken or key in body content : java.net.SocketException: Software caused connection abort: recv failed and Authentication failure & transmission timeout. Does this issues happens only due to varies in xrftoken or key present in the b...1 Agent Answer 0 Community AnswerMar 28, 2018 04:03AM UTC
Hi, Below page contains a list of issue that Burp Suite can report. https://portswigger.net/kb/issues It will be really helpful if it can hint about the cause and possible fix for it. We really don't have idea what is the cause and what is the fix. Is there any documentation available?2 Agent Answers 1 Community AnswerMar 27, 2018 02:58PM UTC
Burp Suite has reported about use of Permanent or persistent cookies on client machine.
Burp Suite has reported about use of Permanent or persistent cookies on client machine. Should we stop using them? What are the alternatives available?5 Agent Answers 4 Community AnswersMar 27, 2018 02:20PM UTC
What is Private IP addresses disclosed reported by Burp Suite.
What is Private IP addresses disclosed reported by Burp Suite, and how to fix it. Please let us know what can be the cause of this issue and how to fix it.4 Agent Answers 3 Community AnswersMar 27, 2018 10:55AM UTC
What is abuse of functionality reported by Burp suite
Our security team has reported something called [What is abuse of functionality], by which the user entry can be altered to some other value, even though we have validation for it. Lets say, one can choose max next 30 days but using burp suite they could change it beyond that. Please explain what exactly this attack is . How do I reproduce it without Burp.And what is the fix for it. I am not...1 Agent Answer 0 Community AnswerMar 24, 2018 04:27PM UTC