Web Application Security — Burp Suite

iOS
2 min read · Jan 31, 2019


Never copy and paste the contents of any report without understanding them. Test a vulnerability and make sure it is real before putting it into a final report. Burp is the key tool when you need to check how strong your website's security is, how predictable your session tokens are, or how valid the checkpoint data in your application is.

Introduction to Burp Suite

Burp is a local web proxy that allows you to manually intercept, inspect, and modify HTTP/S requests and responses between a user's browser and the target website you are testing. As the user navigates through the web application manually, the tool records the relevant details of every visited page. The traffic between the server and the browser can be analyzed, modified, visualized, and eventually repeated multiple times.

Target: A site map whose folder structure corresponds to the site's URL structure.

Proxy: The main engine of Burp; it lets you intercept and modify all web traffic.

Spider: Crawls applications to locate content and functionality.

Intruder: Web fuzzing, which typically involves sending unexpected input to the target application to help identify security flaws.

Repeater: Manually modify and reissue web requests.

Sequencer: Analyzes the quality of randomness in an application's session tokens or other important data items that are intended to be unpredictable.

Decoder: Allows for encoding and decoding data.

Comparer: A handy utility for performing a visual diff between any two items of data, such as pairs of similar web responses.

Extender: Extends Burp's functionality through third-party extensions.
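The Sequencer check mentioned above (how predictable your session tokens are) as an added example that is not Burp's own code: it estimates the Shannon entropy of the character at each token position over a sample of tokens, one of the character-level tests Sequencer performs, so fixed prefixes and counters show up as zero-entropy positions. Both token generators and the seed are constructed for the demo.

```python
"""Per-position entropy estimate over a sample of session tokens.
Added example in the spirit of Burp Sequencer's character-level analysis."""
import math
import random
from collections import Counter
from typing import List


def position_entropy(tokens: List[str]) -> List[float]:
    """Shannon entropy (bits) of the character observed at each position,
    computed over the length shared by every token in the sample."""
    if not tokens:
        return []
    width = min(len(t) for t in tokens)
    n = len(tokens)
    entropies = []
    for i in range(width):
        counts = Counter(t[i] for t in tokens)
        entropies.append(-sum((c / n) * math.log2(c / n) for c in counts.values()))
    return entropies


def estimated_bits(tokens: List[str]) -> float:
    """Rough upper bound on effective token entropy: the sum of per-position
    entropies. Constant positions contribute 0 bits."""
    return sum(position_entropy(tokens))


def fixed_positions(tokens: List[str]) -> List[int]:
    """Indices whose character never changes across the sample (0 bits)."""
    return [i for i, h in enumerate(position_entropy(tokens)) if h == 0.0]


def weak_tokens(n: int) -> List[str]:
    """Constructed 'bad' generator: constant prefix plus a zero-padded counter."""
    return [f"sess-{i:08d}" for i in range(n)]


def strong_tokens(n: int, seed: int = 1234) -> List[str]:
    """Constructed sample of 16-hex-character tokens. A seeded PRNG is used only so
    the demo is reproducible; real session tokens must come from secrets.token_hex."""
    rng = random.Random(seed)
    return [f"{rng.getrandbits(64):016x}" for _ in range(n)]


if __name__ == "__main__":
    for name, sample in (("weak", weak_tokens(1000)), ("strong", strong_tokens(1000))):
        print(f"{name}: ~{estimated_bits(sample):.1f} bits, "
              f"fixed positions {fixed_positions(sample)}")
```

A real Sequencer run adds bit-level and correlation tests on a live capture; this per-position view is enough to flag the weak generator at a glance.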

Practical examples of how to use Burp Suite

How to use Burp Proxy

How to install the Burp SSL certificate

How to crawl a web application

How to find hidden items using Burp

Using the Burp vulnerabilities scanner

How to use the Repeater tab

Exploring the functionalities of the Intruder tab

How to install additional applications in Burp

Please check out the links below.

Resume website — https://tommarler.org

Linkedin — https://www.linkedin.com/in/tom-m-bb4857112/

Written by iOS

iOS Developer, Go, Java, C#, Blockchain enthusiast, Data junkie
