#BurpSuite Installing BApp files and refreshing the available extensions in Burp Suite, slightly hidden

TIL: When you update your hostname in Linux, always update your /etc/hosts file as well and add an entry with 127.0.0.1. Otherwise, you may encounter a delay when running sudo, which will perform DNS lookups for your hostname 🤡

New blog post: Long-term Kali Linux usage in VirtualBox. Make sure to always manually install the latest guest additions after each kernel update soffensive.github.io/posts/variou...

If you also missed the new button like me, quickly see your Burp AI credits in the Burp UI at the bottom right:

New blog post: Long-term Kali Linux Usage in VirtualBox: Disk Resizing Issues, Systemd, and Swap Space soffensive.github.io/posts/variou...

New blog post: Long-term usage of Kali Linux in a VM and optimizations. Part 1: Disk Usage soffensive.github.io/posts/variou...

Wondered why my system occupied so much space and it turned out Go consumed a lot for caching over the years... go clean -modcache go clean -cache go clean -testcache go clean -fuzzcache Thanks for 30 gigs of space! scripter.co/cleaning-up-...

If you want to use Bruno (www.usebruno.com) with Burp, try this: export NODE_TLS_REJECT_UNAUTHORIZED=0; bruno or to allow a specific CA only: export NODE_EXTRA_CA_CERTS=~/burpca.pem; bruno The current Bruno UI settings for certificate validation don't work (v2.0.1)

Interesting: this webb app uses the "X-Forwarded-Host" header with the requested URL to built the final URL. The XFH header can include path and parameters, not just the host, and everything is combined. This gave me an easy 403 bypass at the proxy level, but I wonder what else can be done...