Burp ****
The Leading Web application testing tool on the market. Has a community edition that is free and handy for basic web app testing and CTF level functionality. Also has a pro version that has advanced features like a powerful brute forcing too, vulnerability scanner and access to more extensions.
{% tabs %} {% tab title="Guides and Support Tools" %}
- Burp Commander - Ruby command-line interface to Burp Suite's REST API
- https://burpsuite.guide/ - Get information on the usage of extensions along with other tips and tricksc
- https://www.blackhillsinfosec.com/using-simple-burp-macros-to-automate-testing/
- https://portswigger.net/support/using-burp-suites-engagement-tools
- SANS Burp Cheat Sheet - https://sansorg.egnyte.com/dl/x19ByeTOpS
- IntruderPayloads - A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists. {% endtab %}
{% tab title="Platform Components" %}
- Dashboard - Burp's dashboard lets you control and monitor Burp's automated activity:
- Target - The Target tool contains the site map, with detailed information about your target applications. It lets you define which targets are in scope for your current work, and also lets you drive the process of testing for vulnerabilities.
- Proxy - Burp Proxy lies at the heart of Burp's user-driven workflow, and lets you intercept, view, and modify all requests and responses passing between your browser and destination web servers.
- Intruder - Burp Intruder is a powerful tool for automating customized attacks against web applications. It can be used to automate all kinds of tasks that may arise during your testing.
- https://portswigger.net/burp/documentation/desktop/tools/intruder
- https://portswigger.net/burp/documentation/desktop/tools/intruder/using
- https://www.hackingarticles.in/burp-suite-for-pentester-fuzzing-with-intruder-part-1/
- https://www.hackingarticles.in/burpsuite-for-pentester-fuzzing-with-intruder-part-2/
- Repeater - Burp Repeater is a simple tool for manually manipulating and reissuing individual HTTP requests, and analyzing the application's responses. You can send a request to Repeater from anywhere within Burp, modify the request and issue it over and over.
- Sequencer - Burp Sequencer is a tool for analyzing the quality of randomness in a sample of data items. You can use it to test an application's session tokens or other important data items that are intended to be unpredictable, such as anti-CSRF tokens, password reset tokens, etc.
- Decoder - Burp Decoder is a simple tool for transforming encoded data into its canonical form, or for transforming raw data into various encoded and hashed forms. It is capable of intelligently recognizing several encoding formats using heuristic techniques.
- Comparer - Burp Comparer is a simple tool for performing a comparison (a visual "diff") between any two items of data.
- Logger - Logger is a tool for recording network activity. Logger records all HTTP traffic that Burp Suite generates, for investigation and analysis
- Extender - Burp Extender lets you use Burp extensions, to extend Burp's functionality using your own or third-party code.
- Project Options - Burp contains a large number of suite-wide options that affect the behavior of all tools.
- Collaborater - Burp Collaborator is a network service that Burp Suite uses to help discover many kinds of vulnerabilities.
{% tab title="Payloads" %}
- Payload Processing Rule in Burp suite (Part 1)
- Payload Processing Rule in Burp suite (Part 2)
- Beginners Guide to Burpsuite Payloads (Part 1)
- Beginners Guide to Burpsuite Payloads (Part 2) {% endtab %} {% endtabs %}
{% tabs %} {% tab title="Collections" %}
{% tab title="Multi-Vuln Scanners" %}
- HUNT - HUNT Suite is a collection of Burp Suite Pro/Free and OWASP ZAP extensions, collected by Bug Crowd.
- BurpBounty - This Burp Suite extension allows you, in a quick and simple way, to improve the active and passive Burp Suite scanner by means of personalized rules through a very intuitive graphical interface.
- Burp Bounty Pro - Premium bundle of vulnerabilites to scan for.
- VulnersScan - Burp Suite scanner plugin based on Vulners.com vulnerability database API
- Active Scan++ - Burp Scanner automates the task of scanning web sites for content and vulnerabilities. Depending on configuration, the Scanner can crawl the application to discover its content and functionality, and audit the application to discover vulnerabilities. Active Scan++ is an extension that expands the scanning capabilities of Burp Suite.
- ParamMiner - This extension identifies hidden, unlinked parameters. It's particularly useful for finding web cache poisoning vulnerabilities. {% endtab %}
{% tab title="Single Vuln Scanners" %}
- Retire.JS - Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
- sqlipy - SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.
- Backslash powered scanner - Active scan for SSTI detection
- CSFR Scanner - Passive CSRF detection
- Freddy - Find Deserialization Bugs
- JSON Web Tokens - decode and manipulate JSON web tokens
- Web cache deception scanner - Tests applications for the Web Cache Deception vulnerability.
- HTTP Request Smuggler - Active scanner and launcher for HTTP Request Smuggling attacks
- Upload Scanner - Tests various upload vulnerabilities
- SSRF-KIng - SSRF plugin for burp Automates SSRF Detection in all of the Request
- shelling - a comprehensive OS command injection payload generator
- Autorise - Tool for detecting autorization vulerabilities such as Indirect Object Reference.
- Java Deserialization Scanner - Active and passive scanner to find Java deserialization vulnerabilities {% endtab %}
{% tab title="Utility" %}
- Hackbar - Hackbar is a plugin designed for the penetration tester such in order to help them to speed their manual testing procedures**.**
- Burp-Send-To - Adds a customizable "Send to..."-context-menu to your Burp Suite. Handy for easily sending data into another tool like SQLmap
- Turbo Intruder - Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results. It's intended to complement Burp Intruder by handling attacks that require extreme speed or complexity.
- burp-exporter - Exporter is a Burp Suite extension to copy a request to a file or the clipboard as multiple programming languages functions.
- Flow - History of all burp tools, extensions and tests. Handy to pull all your results together
- Decoder Improved - Decoder Improved is a data transformation plugin for Burp Suite that better serves the varying and expanding needs of information security professionals.
- web3-decoder - Web3 Decoder is a Burp Suite Extension that helps to analyze what is going on with the operations involving smart contracts of the web3. This is mainly JSON-RPC calls to Ethereum Nodes, and nodes of other compatible networks (like Polygon, Arbitrum, BSC...)
- WSDLer - This extension takes a WSDL request, parses out the operations that are associated with the targeted web service, and generates SOAP requests that can then be sent to the SOAP endpoints.
- WSDL Wizard: This extension scans a target server for WSDL files. After performing normal mapping of an application’s content, right click on the relevant target in the site map, and choose “Scan for WSDL files” from the context menu. The extension will search the already discovered contents for URLs with the .wsdl file extension, and guess the locations of any additional WSDL files based on the file names known to be in use. The results of the scanning appear within the extension’s output tab in the Burp Extender tool. {% endtab %} {% endtabs %}
- https://tryhackme.com/room/burpsuitebasics
- https://tryhackme.com/room/burpsuiterepeater
- https://tryhackme.com/module/learn-burp-suite
{% embed url="https://youtu.be/ouDe5sJ_uC8" %}
{% embed url="https://youtu.be/kbi2KaAzTLg" %}
- https://www.hacker101.com/playlists/burp_suite.html - 3 video series by Hacker101
- https://portswigger.net/web-security - The big training platform for Web Security Testing by the makers of Burp Suite.