![]() Repeater: Burp Repeater is a tool for manually modifying and reissuing individual HTTP requests, and analysing their responses. Intruder: Burp Intruder is a tool for automating customised attacks against web applications. It is designed to be used by penetration testers, and to fit in closely with your existing techniques and methodologies for performing manual and semi-automated penetration tests of web applications. Scanner: Burp Scanner is a tool for performing automated discovery of security vulnerabilities in web applications. ![]() It uses various intelligent techniques to generate a comprehensive inventory of an application’s content and functionality. Spider: Burp Spider is a tool for mapping web applications. It operates as a man-in-the-middle between the end browser and the target web server, and allows the user to intercept, inspect and modify the raw traffic passing in both directions. ![]() Proxy: Burp Proxy is an interactive HTTP/S proxy server for attacking and testing web applications. The Burp Suite is made up of tools (descriptions take from the Port Swigger website): The various Burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another. All tools share the same robust framework for handling HTTP requests, persistence, authentication, upstream proxies, logging, alerting and extensibility.īurp Suite allows you to combine manual and automated techniques to enumerate, analyse, scan, attack and exploit web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. The old Security Ninja blog has received over 2,000 visits to that blog post including an additional 30 visits so far in March.īurp Suite is an integrated platform for attacking web applications. If you Google “Burp Suite Tutorial” my blog post from 2008 saying I was going to write a tutorial is the 7 th result returned. The first item on my list is a tutorial for the Burp Suite. I wanted to create a list of things I’ve promised to write about but never got around to doing. I have been spending some time this week reviewing some of the old Security Ninja blog posts now that we are getting close to our second birthday.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |