Burp Suite - Web Application Penetration Testing Tool

Burp Suite

Burp Suite is an integrated platform developed for penetration testers to test and assess the security of web applications. It is very easy to use and is also highly configurable.

Burp Suite Free Edition

Here are some of the important tools in the burp suite:
  • Proxy: It can inspect and modify the traffic between your browser and the target web application.
  • Spider: It crawls web applications.
  • Scanner: It can find security vulnerabilities in web applications. This tool also displays detailed customized advisories for every reported issue.
  • Intruder: It is a powerful tool for automating customized attacks against the target web applications. 
  • Repeater: It is a simple tool for manually manipulating and reissuing individual HTTP requests, and analyzing the application's responses.
  • Sequencer: It can analyze the quality of randomness in a sample of data items.
  • Decoder: It is capable of transforming encoded data into its canonical form, or transforming raw data into various encoded and hashed forms.
  • Comparer: This one is used for performing a comparison between any two items of data.
  • Extender: It allows you extend the functionality of the burp suite using your own or third party code.
Burp Suite comes in two flavors, "Free Edition" and the "Professional Edition" ($349 per user per year). The free edition is limited, it doesn't have the Scanner, or the Search function, or the Target Analyzer, or  the Content Discovery function, or the Task Scheduler.

No comments

Powered by Blogger.