A full set of BurpSuite tutorials (super practical and detailed introduction)

0x00 environment and installation

JDK 11 is recommended for the 2021 Professional Edition.

BP: https://portswigger.net/Burp/Releases
Keygen: https://github.com/h3110w0r1d-y/BurpLoaderKeygen/releases
Java SDK: https://download.java.net/openjdk/jdk11/ri/openjdk-11+28_windows-x64_bin.zip

**VBS auto-start script:**
DIM objShell
DIM command
set objShell=wscript.createObject("wscript.shell")
command="java -javaagent:BurpLoaderKeygen.jar -noverify -jar burpsuite_pro_v2021.7.jar"
iReturn=objShell.Run(command, 0, TRUE)
**Batch script launch:**
java -javaagent:BurpLoaderKeygen.jar -noverify -jar burpsuite_pro_v2021.12.1.jar

The above installation can also use:
BurpSuite 2021 - Java 11:
http://jdk.java.net/java-se-ri/11
BurpSuite download:
https://portswigger.net/burp/releases
Activation file (keygen):
https://github.com/h3110w0r1d-y/BurpLoaderKeygen/releases

0x01 Main window page:

0x02 Introduction of Dashboard module (scanning and auditing)

Create a new scan task; here it is a crawl and audit test. In the protocol module below you can set the crawl conditions, that is, exclude certain objects from crawling, and leave everything else at the default configuration.

You can set your own UA header and set an account and password for access.

Other parameters

Scanning results: for more details, click the view module in the lower right corner of the project to see the crawled URL information and scanning results.

You can view them in more detail in the Target module.

0x03 Use of New live task module

1st module: real-time auditing from proxies (all traffic)
2nd module: dynamic passive crawling from proxies (all traffic)


Crawling results:

0x04 Use of proxy module

(1) Proxy is the most commonly used module, intercepting proxy traffic for operations, etc.

(2) Proxy - Intercept module in detail
You can audit the current request, or store it and send it to other pages for further operations, and import other request packets from elsewhere.

Intercept the response packet of the current request; you can then perform forgery verification and other operations, which will be used in later penetration tests.

URL-encode the current input object; some special symbols are automatically converted into URL encoding.

(3) Proxy - HTTP history module: records the request log

(4) Proxy - Options module: listener configuration
Intercepting proxy settings: the proxy intercepts on the currently configured IP and port.

Request interception rule settings (Intercept Client Requests)
You can set conditions under which requests are not intercepted, for example request addresses with the suffix jpg; the proxy automatically forwards such packets.

Setting: only intercept POST requests.

The following module sets the interception conditions for response packets; it is not used much at present.

Match and replace: automatically replace specified content of the request packet with other content.

The rest of the Proxy module is not needed very often. The functions described above are the commonly used ones; other content will be explained in detail below.

0x05 Introduction to the use of Target module

After capturing the traffic, this module plays an auxiliary role, and can observe the links in the captured pages, etc.

0x06 Introduction to the use of the Repeater module

Send data to sitemap module

Encryption and decryption of data, etc.

Modifying the hex values of the data is often used for bypasses in penetration testing, etc.

The options on the right are used in the same way to change the data packet: they add and modify the fields of the packet, so you don't need to worry about format errors.

0x07 Intruder module introduction

This module is often used, and the commonly used modules are listed here
1. Four attack modes for brute forcing
Sniper: single-point mode; the payloads are filled into the designated positions one position at a time.
Battering ram: the same payload is filled into multiple designated positions at the same time; for example, each entry of dictionary A is filled into two positions at once.
Pitchfork: the dictionaries are matched one to one, position by position.
Cluster bomb: cross-matching; for example, every entry of dictionary A is combined with every entry of dictionary B.

Intruder payload combinations in brute-force mode:
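How the four Intruder attack types combine payloads across positions, as an added example that is not part of the original post. The base values and word lists are constructed; the row order produced for cluster bomb follows `itertools.product` and may differ from Burp's own ordering.

```python
from itertools import product

# Constructed sample data: two marked positions and two small dictionaries.
BASE = ("base1", "base2")          # original values at the marked positions
DICT_A = ["a1", "a2", "a3"]
DICT_B = ["b1", "b2"]


def sniper(base, payloads):
    """One dictionary; vary one position at a time, others keep base values."""
    rows = []
    for pos in range(len(base)):
        for p in payloads:
            row = list(base)
            row[pos] = p
            rows.append(tuple(row))
    return rows


def battering_ram(base, payloads):
    """One dictionary; the same payload goes into every position at once."""
    return [tuple(p for _ in base) for p in payloads]


def pitchfork(dictionaries):
    """One dictionary per position; entries are paired by index.
    Stops when the shortest dictionary is exhausted."""
    return list(zip(*dictionaries))


def cluster_bomb(dictionaries):
    """One dictionary per position; every combination is generated."""
    return list(product(*dictionaries))


def request_counts():
    """Number of requests each mode sends, i.e. the volume a rate limit
    or lockout threshold on the tested application would observe."""
    return {
        "sniper": len(sniper(BASE, DICT_A)),
        "battering_ram": len(battering_ram(BASE, DICT_A)),
        "pitchfork": len(pitchfork([DICT_A, DICT_B])),
        "cluster_bomb": len(cluster_bomb([DICT_A, DICT_B])),
    }


if __name__ == "__main__":
    for mode, count in request_counts().items():
        print(f"{mode}: {count} requests")
```
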

0x08 Decoder encryption and decryption module

0x09 Comparer data comparison module

0x10 Extender - plug-in environment module

Add the Java and Python environments; for the plug-ins to use later, you can search Baidu yourself.
Attention! The Jython environment configured for Python must be set in the environment variables, that is, python must be directly usable in the cmd environment.

0x11 Proxy setting User option module

Use port query:

proxy configuration:

Other uses of BurpSuite:
1. dump to list the fields of sql injection
2. blast directory dictionary
3. blast sql injection/xss, etc., select the corresponding blast dictionary test
4. blast base64 rule combination password account, etc.
5...

Origin blog.csdn.net/qq_53577336/article/details/122393296