-
It seems that right now the includes (path, regex, extensions) are processed always before exclusions. This leads to situation that the data that we explicitely wanted to backup, are not processed bec…
zette updated
5 years ago
-
What setting should be used to stop param miner messing with the Origin header when guessing GET or POST parameters?
I have used the following settings but it still changes the Origin header which br…
-
OK, this is high priority for me... I have a simple RSyntaxTextArea in an RTextScrollPane in a JInternalFrame in a JDesktopPane where I can't type anything.
Adding a KeyListener directly to the tex…
-
Just installed Wsdler from BApp Store and following the steps from here https://blog.netspi.com/hacking-web-services-with-burp/ I'm always getting the "Parsing WSDL" and after that the error "Not a WS…
-
The tool causes Burp to consume too much memory. Even when specifying the `-Xms` & `-Xmx` options, using burp-hash will cause problems. Disabling the burp-hash plugin will cause Burp to behave normall…
evict updated
5 years ago
-
API Authentication is not possible?
The most API evaluation requires previus authentication to consume many other functions...
-
Hi,
I occasionally get this error:
```
Traceback (most recent call last):
File "/home/user/.BurpSuite/bapps/e63f09f290ad4d9ea20031e84767b303/ResponseClusterer.py", line 249, in processHttpMe…
-
Cross site request forgery (CSRF), also known as XSRF, Sea Surf or Session Riding, is an attack vector that tricks a web browser into executing an unwanted action in an application to which a user is …
-
The code for the extender is here: https://github.com/nccgroup/pcap-burp
-
Polyfill.io is/was a popular service used by as much as 4% of the Internet. It was recently being used to inject malicious JavaScript code into users’ browsers.
REF:
- https://blog.cloudflare.com…