Burp Suite: Overview

Dan Covic
5 min read, Jul 3, 2023


Burp Suite is a very popular set of tools used for web application penetration testing. It comes in three editions:

  • Community, the free edition, which contains the essential tools needed for manual penetration testing.
  • Professional, a paid edition that adds scanning capabilities, unlocks additional plugins and adds convenience features.
  • Enterprise, a paid edition that adds scheduled scans, unlimited scalability and CI integration. However, it does not contain the manual testing tools.

In this article you will learn about the most important features of Burp Suite and how they can help you perform web application penetration testing.

Interceptor

The feature Burp Suite is best known for is its ability to intercept and edit HTTP requests. This gives you an easy way to manipulate the data passed from the client side to the server side, which makes Burp Interceptor (or any other HTTP request interceptor) an essential tool for any web application penetration tester.

Burp Interceptor

Repeater

When penetration testing a particular endpoint, you can create a request in your browser, intercept it, edit it and send the edited request. However, if you wish to edit that request in 10 different ways, it is inconvenient to have to create and intercept a new request 10 times.

In that case, you want to make use of the Repeater functionality of Burp Suite. You can right-click on any intercepted request and send it to Repeater. You may also send past requests to the Repeater from the HTTP history tab.

The Repeater is very much like the Interceptor, except you may edit and send the same request multiple times. In other words, you can use it to easily repeat the request.

Burp Repeater

Intruder

Using Burp Repeater, you can easily modify an HTTP request and tinker with the payload. However, if you wish to try hundreds or thousands of different variations, then it’s still troublesome to do it manually.

To try out many payload variations automatically, you can use Burp Intruder. This can be used for brute forcing or credential stuffing. And the options aren’t limited to just credential guessing. In a more general sense, you can use this tool to send lots of different input to a web application and detect inconsistencies in the output. Inconsistencies in the output may be indicative of bugs or vulnerabilities.

Burp Intruder
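The "detect inconsistencies in the output" step above is usually done by eye, sorting the Intruder results by status and length. As an added example (not from the original post or from Burp itself), the following Python code does that comparison over a constructed results table: it takes the most common (status, length) pair as the baseline and reports every payload whose response deviates from it. From a defender's perspective, both deviations below are findings in their own right: a response that differs by username reveals which accounts exist, and an unhandled 500 points at input the server does not validate.

```python
from collections import Counter

# Constructed Intruder-style results for a login request: (payload, status, response length).
# The values are made up for this example; a real table comes from the Intruder results view.
INTRUDER_RESULTS = [
    ("alice", 200, 1532),
    ("bob", 200, 1532),
    ("carol", 200, 1532),
    ("admin", 200, 1698),    # longer body: a different message for this username
    ("dave", 200, 1532),
    ("o'brien", 500, 812),   # server error: input the application did not handle
    ("eve", 200, 1532),
]

def baseline(results):
    """The most common (status, length) pair is the 'normal' response for this request."""
    return Counter((status, length) for _, status, length in results).most_common(1)[0][0]

def find_inconsistencies(results, length_tolerance=0):
    """Return (payload, reason) for every response that deviates from the baseline.

    length_tolerance absorbs small differences caused by dynamic content such as
    per-response tokens, so only meaningful deviations are reported.
    """
    base_status, base_length = baseline(results)
    flagged = []
    for payload, status, length in results:
        reasons = []
        if status != base_status:
            reasons.append(f"status {status} (baseline {base_status})")
        if abs(length - base_length) > length_tolerance:
            reasons.append(f"length {length} (baseline {base_length})")
        if reasons:
            flagged.append((payload, "; ".join(reasons)))
    return flagged

if __name__ == "__main__":
    for payload, reason in find_inconsistencies(INTRUDER_RESULTS):
        print(f"{payload!r}: {reason}")
```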

Scanning

Burp Suite Pro offers scanning capabilities which can enhance your penetration testing.

Crawler

When using Burp Suite against a website, a site map is built up as you browse. This site map lists all the endpoints discovered so far. If the HTTP response of a web page contains a reference to another endpoint, that endpoint is added to the site map.

In the picture below, the site map is only partially populated. The black-colored endpoints are endpoints that have already been queried through Burp. The grey-colored endpoints are endpoints that Burp Suite has discovered a reference to, but which have not yet been queried. Endpoints that have been neither queried nor discovered do not appear in the site map at all.

Crawler

Using Burp Crawler, you may crawl through a website to discover its endpoints. This is useful for discovering and noticing the existence of endpoints which you may have otherwise missed.
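To make the black/grey distinction concrete, here is an added example (not the post's or Burp's own code) that models how a site map fills up: a breadth-first walk over a constructed, in-memory site (the host `target.example` and its pages are made up) where an endpoint first seen in a response is recorded as "discovered" (grey) and only becomes "queried" (black) once it has actually been requested. The request budget models stopping part-way, which is what leaves grey entries behind.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

ORIGIN = "https://target.example"  # hypothetical in-scope host; nothing is contacted

# Constructed stand-in for the target: path -> HTML body returned for that path.
FAKE_SITE = {
    "/": '<a href="/login">Login</a><a href="/about">About</a><script src="/static/app.js"></script>',
    "/login": '<form action="/api/auth" method="post"></form><a href="https://other.example/x">partner</a>',
    "/about": '<a href="/">Home</a><a href="/about#team">Team</a>',
}

def fake_fetch(path):
    return FAKE_SITE.get(path, "")

class LinkExtractor(HTMLParser):
    """Collect href/src/action values: the references Burp adds to the site map."""
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("href", "src", "action") and value:
                self.links.append(value)

def referenced_endpoints(page_url, body):
    """Resolve references to same-origin paths; fragments and other hosts are dropped."""
    parser = LinkExtractor()
    parser.feed(body)
    paths = set()
    for ref in parser.links:
        parts = urlsplit(urljoin(page_url, ref))
        if parts[:2] == urlsplit(page_url)[:2]:  # same scheme and host only
            paths.add(parts.path or "/")
    return paths

def build_site_map(fetch, origin, start="/", request_budget=3):
    """Breadth-first walk: 'queried' = black (requested), 'discovered' = grey (only seen)."""
    site_map = {start: "discovered"}
    queue = [start]
    while queue and request_budget > 0:
        path = queue.pop(0)
        site_map[path] = "queried"
        request_budget -= 1
        for ref in sorted(referenced_endpoints(origin + path, fetch(path))):
            if ref not in site_map:  # first sighting stays grey until it is requested
                site_map[ref] = "discovered"
                queue.append(ref)
    return site_map
```

With the default budget of three requests the walk stops after `/`, `/about` and `/login`, leaving `/static/app.js` and `/api/auth` grey; a larger budget turns every entry black.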

Scanner

Burp Suite can also be used to scan a website for vulnerabilities. When a vulnerability scan is started, requests are sent to the discovered endpoints to try to identify various classes of vulnerability.

Scanner

Utilities

Burp Suite comes with some helpful utilities. This makes Burp Suite a convenient one-stop shop that fulfills many of your web application penetration testing needs.

Decoder

Often, exploits require the payload to be encoded in a certain format. Using Burp Suite Decoder, you can easily encode and decode payloads. It’s a simple and handy tool to have during penetration testing.

Decoder

Comparer

Sometimes it’s necessary to compare strings or bytes. The Comparer tool is a simple way to accomplish that.

Comparer

Extender

Last but not least, an extremely powerful feature of Burp Suite is the Extender. It provides the ability to extend Burp Suite's capabilities by installing plugins. Not all of the plugins are available to non-paying users, but even the free plugins can be incredibly useful. One such example is Turbo Intruder, which is intended to complement Burp Intruder by handling attacks that require extreme speed or complexity.

Extender

Summary

Burp Suite Community includes manual testing tools. It is a free product.

Burp Suite Professional includes automated scanning features as well as manual testing tools. It is a paid product.

Burp Suite Enterprise includes automated scanning features. It allows scheduled scanning, CI integration and unlimited scaling. It is a paid product.

That’s a wrap! Happy learning!!

Source: RangeForce
