burp-suite – Page 9 – WindowsTechs.com

How to send 2 or more requests at the same time using Burp Suite?

Posted on December 18, 2021 by dokichan

I want to test some application by sending 2 or more requests at the same time (at the same second or even millisecond) using Burp Suite.
By using Intruder or Repeater I can’t do that at literally one moment. They both have the delay is lo… Continue reading How to send 2 or more requests at the same time using Burp Suite?→

How to work Exploit Server in PortSwigger Academy? [closed]

Posted on December 6, 2021 by ThiagoL

I have been looking for answers about What is Exploit Server inside academy exercises? Example, a simple XSS Reflect, instead just reflect using an alert command I realize the use of wrappers like, send payload wrapped location=url, <if… Continue reading How to work Exploit Server in PortSwigger Academy? [closed]→

Firefox not accepting burpsuite’s proxy listeners [closed]

Posted on November 25, 2021 by Jason

As shown in various tutorials, I go to proxy>options>proxy listeners, to see the proxy listeners of burpsuite. When I change the proxy settings in Firefox, to manual proxy config, and set the http proxy to ‘12.0.0.1’ and port to ‘808… Continue reading Firefox not accepting burpsuite’s proxy listeners [closed]→

Tools to intercept a HTTPS GET and change header Status Code during a re-direct?

Posted on November 12, 2021 by Phuc2

When a re-direct from a HTML/PHP site takes a couple seconds, can a tool edit the ‘Status Code’ header to skip to the site which requires an access-token.? Which tools, COTS or open-source can do it? Which Burp tool option (like Pro level)… Continue reading Tools to intercept a HTTPS GET and change header Status Code during a re-direct?→

How to repeat a brute force automatically using burp suite intruder?

Posted on November 6, 2021 by Mehran

I want to repeat my intruder (burp suite) process automatically.
In other words, I want burp suite to do intruder again and again for 10 times.
How can I achieve it??

Continue reading How to repeat a brute force automatically using burp suite intruder?→

How to modify the response code of a website in burp? [closed]

Posted on October 27, 2021 by thething

Imagine website http://x.x.x.x//thing.php returns a response code of 302 instead of 200, meaning I get redirected to http://x.x.x.x//other.php instead of going to http://x.x.x.x//thing.php.
Can I use Burp to intercept and modify the respon… Continue reading How to modify the response code of a website in burp? [closed]→

browser does not work with burp proxy

Posted on October 23, 2021 by White Hat

I want to use Burp to pentest some programs in the HackerOne platform. When I configure the browser for proxy, including the burp certificate, I can get response from whole websites of part of them (e.g. login page).
For example when I use… Continue reading browser does not work with burp proxy→

How to scan apis with burp suite

Posted on October 20, 2021 by Evan Gertis

I would like to use burp suite to scan an api. My goal is to configure burp suite with an api key and id. Then run it against the endpoints of the application with the intruder to perform sql injection. I reviewed the documentation here. D… Continue reading How to scan apis with burp suite→

Automating Penetration Tests [closed]

Posted on September 30, 2021 by Evan Gertis

The goal of this project is to automate burp suite penetration tests.
I have familiarized myself with the burp suite framework. I use the standard workflow:

crawl the site.
use the http history to find relevant requests.
use the repeater … Continue reading Automating Penetration Tests [closed]→

Intercepting app with Burp shows no requests

Posted on September 13, 2021 by Opera of the Phantom

I´m pentesting my first mobile application. I have a rooted android device and followed the steps here and here to install the certificate to proxy the traffic through Burp on my Laptop.
But no requests show up. When I´m opening the app I … Continue reading Intercepting app with Burp shows no requests→