Burp Suite Guide:
- Burp proxy: used to intercept traffic between the browser and target application -> similar to a man-in-the-middle attack.
- Burp Sitemap and Site proxy: shows sitemap and site scope -> lets you choose the scope of security testing
- Displays various sections of a particular domain (ex. Google)
- shows how to execute search
- Burp Spider: used to get a complete list of URLs and parameters of each site. Looks through each page manually and finds the links within the testing scope.
- Using spider: Proxy and interceptors should be off. -> Manually visiting more sites will give spider a larger coverage area.
Questions:
- Is Burpsuite similar to anything you have used before?
- What can be potential issues using this software?
Leave a Reply
You must be logged in to post a comment.