If an application trusts an HTTP request header like X-Forwarded-For to accurately specify the remote IP address of the connecting client, then malicious clients can spoof their IP address. This ...

The response contains two or more Set-Cookie headers that attempt to set the same cookie to different values. Browsers will only accept one of these values, typically the value in the last header. The ...

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in ...

If you or your teams use Splunk for your Security Information and Event Management (SIEM), you may like to integrate this with Burp Suite Enterprise Edition. Once configured, this enables you to ...

This release gives you better visibility of the crawl paths found by Burp Scanner, introduces support for sharing issues with Splunk, and enables you to use custom extensions, BChecks, and BApps with ...

Burp Suite Enterprise Edition enables you to upload an OpenAPI definition to run a specific API scan. You can add new API definitions at any time. API definitions are managed in the Sites menu. Each ...

We provide an installer for Windows and Linux operating systems. You can download these from Burp Suite Enterprise Edition. The new scanning machine is automatically ...

This section explains how to troubleshoot self-hosted installations of Burp Suite Enterprise Edition. The method for accessing logs depends on the type of instance you have: ...

Welcome to the Burp Suite Enterprise Edition user guide. This guide explains how to set up users, sites, and scans so that you can get your scanning workflow up and running. It also gives a ...

When you enable multi-factor authentication (MFA), all users must enter a passcode from an external authentication app in addition to their username and password when they log in. This helps to make ...

You can use scanning pools to manage your scanning machines. Scanning pools stop the problem of a scan failing because the relevant machine is busy elsewhere, or an assigned machine being unable to ...

To run scans in Burp Suite Enterprise Edition, you need to allow inbound and outbound network access between your sites and scanning resources. The specific network requirements vary depending on ...