Questions tagged [burp]
Burp is a proxy tool which is used for intercepting proxy server for security testing of web applications. It operates as a man-in-the-middle between your browser and the target application, allowing you to: Intercept and modify all HTTP/S traffic passing in both directions. Easily analyze all kinds of content, with automatic colorizing of request and response syntax, rendering of web content, and parsing of serialization schemes like AMF.
burp
299
questions
0
votes
0
answers
35
views
how to redirect https to http in burpsuite
How to automatically modify https url to http url while intercepting using Burp Suite.
Below is the attempt made, but url is still being used as "https"
have tried replacing header as "^...
-2
votes
0
answers
18
views
Not able to install burpsuite in wsl2
I am trying to isntall burpsuite in wsl2(i am using xrdp for gui) but i get this error when i run the burpsuite_pro_linux_v2024_5_5.sh file.I get the output
Unpacking JRE ...
Starting Installer ...
An ...
-1
votes
0
answers
62
views
Apache Camel https connection through Burp Suite proxy gives SSLException: Unsupported or unrecognized SSL message
I want to send my camel connections through Burp Suite Proxy. I have imported my Burp Suite certificate to cacerts.
So the following example does work, the request appears in Burp Suite and program ...
0
votes
0
answers
30
views
If a cookie is vulnerable to XSS (so you can edit the cookie's value to contain script), how can that be exploited in practice?
I was checking out this Portswigger lab:
https://portswigger.net/web-security/essential-skills/using-burp-scanner-during-manual-testing/lab-scanning-non-standard-data-structures
And basically the ...
0
votes
0
answers
74
views
Burp Suite not intercepting android APKs
I have and AVD running connected to burpsuite on 127.0.0.1:8080. I also have the certificate
installed.
When I try to intercept my app (made in Android Studio) everything works perfectly.
The ...
0
votes
0
answers
19
views
Session persist for few minutes after log out ASP.NET
I have an ASP.NET 4.8 MVC application. I am using form authentications. Recently I have discovered that pages are accessible for a period of time 0-5min even after logged out.
This is only happening ...
0
votes
0
answers
48
views
Proxy error - HTTP error code 400 within burpsuite when using whatsapp websockets
I am testing Whatsapp web within burpsuite. I am performing the connection process via the qr code that is generated within whatsapp web and capturing this traffic within burpsuite in order to utilise ...
0
votes
0
answers
218
views
Correct Hydra Syntax for Brute-Forcing my ip camera website Login Pages Using Burp Suite?
I'm attempting to use Hydra to brute-force my Dahua ip camera website Login Pages by sending a POST request to 192.168.0.10/RPC2_Login, which I have captured via Burp Suite. However, Hydra seems to be ...
0
votes
1
answer
21
views
Replay IHeartRadio station URL in Python
I am trying to capture the IHeartRadio URL for a specific site and just replay it.
The replaying part I have down in python that's no issue.
the issue is actually capturing this URL!
I tried capturing ...
0
votes
1
answer
50
views
ZAP and Burpsuit
Why is there a difference in the ZAP and Burp Suit reports even though we run the same report for the same web Application? I was doing the Manual intervention for my website.
I want to know if I can ...
0
votes
0
answers
279
views
Failed to spawn: unable to find executable at 'my_binary'
i'm trying to bypass ssl using frida but when i execute frida-ps -U I only get the name of the application unless I add this argument to the command -a
When i execute one of the following commands:
...
0
votes
0
answers
76
views
Burp Suit - CORS vulnerabilities identified
While ruung the Burp-Suit for my web application, I am getting the below Cross-origin resource sharing Issue
Cross-origin resource sharing: arbitrary origin trusted
/plugins/angular-1.8.1/angular.min....
0
votes
0
answers
130
views
Burp does not intercept request via Chrome
I thought I had everything in place to use Burp Proxy with Chrome on MacOS
Burp Suite -> Proxy settings is defaulted (127.0.0.1:8080) + Intercept is on
Proxy is enabled in System Settings (MacOS)
...
0
votes
0
answers
145
views
Inspecting Android Phone's Cellular and Wifi Network Packets
I want to intercept my android phones network requests. Not only browser but also application requests like twitter applicaton etc. Cellular network requests would be great but Im ok to wifi connected ...
0
votes
0
answers
70
views
Question about how burp suite repeater works
i have a request in burp which works fine with burp suite's repeater, but when i use the same request with postman, it somewhat doesnt work...?
I made sure that both requests are identical.
I dont ...