Stack Overflow
Stack Overflow

Questions tagged [burp]

Burp is a proxy tool which is used for intercepting proxy server for security testing of web applications. It operates as a man-in-the-middle between your browser and the target application, allowing you to: Intercept and modify all HTTP/S traffic passing in both directions. Easily analyze all kinds of content, with automatic colorizing of request and response syntax, rendering of web content, and parsing of serialization schemes like AMF.

Note: question about how to use Burp is off-topic on Stack Overflow; please ask question on Super User. This tag is about programming using Burp, that is, Burp Extender.

297 questions
0
votes
0 answers

Can't debug specific app network on iOS

I have used Burp Suite and Charles to debug network using my computer as a proxy. It works with every app and it tracks all network requests, but there's a specific app where it's requests doesn't show up no matter what, does someone have any idea…
Ricardo Daniel
  • 98
  • 8
0
votes
1 answer

Authentication issue in Burp suite

I am getting alerts for authentication in Burp Suite. I have already followed the suggestion given in burp suite support site but it seems not working. How to resolve this ? How to see the request which is passing and not getting authenticated.…
Dhaval Dosi
  • 25
  • 5
0
votes
0 answers

Sensitive data exposure in Burp

I have very little knowledge about security testing. I have been given a assignment to do penetration testing using burp free version. When I started using burp suite then on a page of employee information I saw requests are passing as plain text.…
Dhaval Dosi
  • 25
  • 5
0
votes
1 answer

Penetration testing of Angular JS application in ZAP or Burp Suite

I am struggling to test Angular JS application, Can someone provide me reference to learn that, Couldnt find any. I want to attack the application but it seems not all links are being visited by Crawler.
Dhaval Dosi
  • 25
  • 5
0
votes
1 answer

Need guidance on performing Webservices security testing of WS-Security SOAP using using BURP

We just started off with BURP for the web application. We use SOAP UI for WS-Security SOAP Web services. We are planning to extend the security testing to SOAP Web services using BURP. Can you kindly provide any directions on how can we achieve…
Y5288
  • 163
  • 1
  • 14
0
votes
2 answers

Burp Tool configuration

I am trying to configure BURP Tool. Following things i have done: 1) Ran web-application using tomcat port no : 8080, 2) Changed network to proxy 127.0.0.1:8080 in tomcat, and installed burp certificate in authorities 3) In burp tool, the proxy ->…
user3145999
  • 21
  • 1
  • 5
0
votes
0 answers

Decoding Gzip/Deflate issues

I'm trying to read the contents of packets sent from an Android device and some packets where Burp can detect Gzip compression, it shows the contents, however there are often times I see packets with this information and Burp can't decode or can't…
David Whitemountain
  • 1
0
votes
1 answer

Problems setting up burp suite

I have problems setting up burp suite on my macbook with google chrome. I have followed all guidelines on the official website and my settings look like this: But when I visit websites, I don't see any requests/responses in the intercept tab under…
user2597001
0
votes
1 answer

No route to host, burp

I'm trying to proxy to any https connection and I have in alert section this message: No route host error burp certificate add I have tried to solve it, reinstalled burp, reinstalled the certificate, set a manual network configuration. Does…
alexei.net
  • 11
  • 2
  • 3
0
votes
1 answer

Testing Applications for use of Web Services

1) Is it possible using burp suite/ ZAP or any other web testing tools to find out if an application is making calls to web services? 2) As SOAP web services reply in XML is it also possible to view the responses of the HTML request to…
Proxee
  • 1
  • 2
0
votes
1 answer

How to load saved projects in burp suite free edition

I am using Burp Suite Free edition for validating PEN Test in a Web Applications. I have saved my projects in my local and closed the Burp suite. I launched the Burp suite and try to load the saved project, via Burp >> Project options >> Load…
MoNa
  • 365
  • 4
  • 13
  • 31
0
votes
1 answer

How does Burp Collaborator send a DNS query via Sql Server and T-sql

How can Burp Collaborator send a DNS query via t-sql and Sql Server? https://portswigger.net/burp/help/collaborator.html I know you can use for example exec master..xp_cmdshell 'nslookup intel.com' or Dns.GetHostAddresses() in a stored procedure on…
Ogglas
  • 62,132
  • 37
  • 328
  • 418
0
votes
1 answer

Deny burp suite interception on server response

Can you any body suggest me how to deny the burp suite intercept the server response to the web client?
azhagu
  • 71
  • 1
  • 9
0
votes
1 answer

how to intercept the web request of a remote machine in a LAN

i am using so many tool like burpsuite but with this tool I can capture the local host traffic only can any body tell me that how to intercept the web request of a remote machine Thanks
ZeroNullByte
  • 39
  • 12
0
votes
1 answer

400 Bad Request while interception a request

So I am using a burp suite to intercept a request to stage.training.com/ats/getAllStates.html?countryCode=CR Once Intercepted I change the Hostname to localhost:4502 The localhost uses an authentication which I have already added to Platform…
Tapan
  • 157
  • 2
  • 4
  • 18
1 2 3
19 20