You can set up NoVersionMapper
https://stackoverflow.com/questions/8602489/delete-version-number-in-url
from mobile (sorry for typos ;)
On Sat, Jul 31, 2021, 22:39 vahid ghasemi wrote:
> Hello
> I have a login form with a captcha.
> I tested my form with Burp Suite (penetration test tool).
>
Hello
I have a login form with a captcha.
I tested my form with Burp Suite (penetration test tool).
In Burp I can send header requests a lot of times for brute force (just
change password).
This problem is because of the number at the end of my
URL (localhost:8080/login?1).
so with this way attackers can