Search and destroy with Burp Suite
You can easily access Burp Suite from the Applications Menu. If it is not already in the Favorites panel, it can be found under the Web Applications Analysis submenu, like OWASP ZAP.
Burp Suite is a powerful framework for web application testing. A favorite of many application security testers, Burp Suite has several sections marked by tabs:
|
Burp Suite Tools | |||
|---|---|---|---|
|
Tab |
Purpose |
Tab |
Purpose |
|
Target |
Sets the test subject |
Scanner |
Scans the domain for vulnerabilities |
|
Proxy |
Uses Burp Suite as a proxy service |
Spider |
Makes a site map of all files accessible within a site |
|
Repeater |
Sends individual packets in a session multiple times |
Intruder |
Finds and exploits unusual vulnerabilities |
|
Burp Suite Utilities and Tool Configuration | |||
|
Tab |
Purpose |
Tab |
Purpose |
|
Comparer |
Used to compare any two character strings |
Sequencer |
Tests for how random your session tokens are |
|
Decoder |
Replaces coded strings with plain language strings |
Extender |
Creates... |
