Questions tagged [burp]

Burp is an intercepting proxy server used for security testing of web applications. It operates as a man-in-the-middle between your browser and the target application, allowing you to intercept and modify all HTTP/S traffic passing in both directions, and to easily analyze all kinds of content, with automatic colorizing of request and response syntax, rendering of web content, and parsing of serialization schemes like AMF.

Note: questions about how to use Burp are off-topic on Stack Overflow; please ask such questions on Super User. This tag is about programming using Burp, that is, Burp Extender.

297 questions
0 votes, 1 answer

How to intercept Docker's container traffic with Burp?

I did the following: Run docker pull bkimminich/juice-shop Run docker run --rm -p 3000:3000 bkimminich/juice-shop Browse to http://localhost:3000 with Burp listening to 127.0.0.1:8080 => I see external traffic (google, cdn...) but not internal…
0 votes, 0 answers

How to resolve vulnerability report on AWSALBCORS cookie appears to be vulnerable to SQL injection attacks

The AWSALBCORS cookie appears to be vulnerable to SQL injection attacks. The payloads ' and 5921=5921-- and ' and 9859=9867-- were each submitted in the AWSALBCORS cookie. These two requests resulted in different responses, indicating that the…
Afis
0 votes, 1 answer

Automated testing via Burp Suite

I use Burp Suite to test my application, but every request is sent manually and it isn't comfortable. Can I automate my test cases some way? Is it possible to use java scripts in Burp Suite Repeater (or via another extension)? For example script…
Сергей
0 votes, 3 answers

Could not start Burp: java.lang.UnsatisfiedLinkError: no splashscreen in java.library.path

When trying to run BurpSuite on linux manjaro the following error occurs: "Could not start Burp: java.lang.UnsatisfiedLinkError: no splashscreen in java.library.path" java -version openjdk version "1.8.0_252" OpenJDK Runtime Environment (build…
0 votes, 1 answer

Python 3 requests POST request data/params issue

The issue is that the data/parameters in the POST request aren't being sent correctly to be processed by the server. I've used Burp to check what's wrong and it seems like the parameters are in the request's body as they should, but the thing is…
Waleed Qutob
0 votes, 1 answer

Selenium not loading the page through Proxy, showing Build info: version: 'unknown', revision: 'unknown', time: 'unknown'

I am unable to load any page through Selenium if the Burp proxy is on, the code I run is the following void runBrowserAutomatization(File fileDriver, String seleniumTrack, boolean isHeadless) { this.fileDriver = fileDriver; String…
Stefano
0 votes, 0 answers

Request not reaching server (Host header injection)

I have a project in which the client's requirement is to guard against the host header injection attack. I handled the problem at the application level, creating a middleware that checks for the incoming "Host" header and then aborts (403) if it's…
ankush981
0 votes, 0 answers

Selenium opening browser but not loading websites in Java

I am using Selenium in a Burp plugin but I can't load pages with the get method. Browsers open correctly, both Firefox and Chrome, but they don't load the page. Chrome address bar shows "data;.", while Firefox has no text in it. I am using the last…
Stefano
0 votes, 1 answer

ClassNotFoundException when trying to import plugin in Burp

I am facing this problem since yesterday, Burp started showing the error below when trying to import the .jar file of the plugin, but Netbeans has no issues compiling it. I imported Selenium through the Maven dependency in the pom.xml file and each…
Stefano
0 votes, 1 answer

Strange response when using Turbo Intruder

I'm a bug bounty hunter and just new to it. A few days ago, I read about the request smuggling vulnerability. And just after that, I started to look for it on the Internet. Yesterday, I found a website that when I add X-Forwarded-Host: google.com to the…
ChickenMinh
0 votes, 1 answer

send requests with python same as in Burp suite

I exploited a VulnHub VM and now want to automate the exploitation process. I have a Burp Suite request which gives me a reverse shell; how do I send exactly the same request using Python's requests library? PUT /test/revshell.php HTTP/1.1 Host:…
whatl0ol
0 votes, 0 answers

Not able to get pushes(responses) from server when using burp suite as a proxy

I am trying to test my web application for vulnerabilities using Burp Suite Professional. Burp Suite is acting as my proxy server, so when a client sends a request I am able to get a response from the server for every request. To implement pushes I have also made…
0 votes, 1 answer

How to stop Laravel request from getting manipulated using Burp tool?

My tester has integrated the Burp tool with Firefox, where he is running our project in the same browser. He is saving each and every request of the application in the Burp tool and then logs in with another user to post the request data of the first user, or he logs out of…
Shital Jachak
0 votes, 0 answers

TLS Certificate error on Android when intercepting with Burp - using Facebook app

Setup: Raspberry Pi 3 with wlan0 interface acting as an Access Point (192.168.2.0/24) and eth0 (192.168.1.0/24) for default gateway to Internet. Pi has iptables Prerouting rules configured to forward web (port 80, 443) traffic to Burp Proxy running…
0 votes, 1 answer

Weird Response's Body Of A Python Proxy Server Using `socket` Module

The Problem I'm Working On A Basic Proxy Server With Python3 sockets. It Works, But Not As It Should Work. The Response Headers Are Fine, But The Body Is Not. As It's Shown Below, The Response Body Looks Weird "Just Bytes 'x1f\x8b\x08\x00\x00...etc'…
A_Asaker