Burpsuite tutorial

Table of contents

Burpsuite Basics

1、Proxy

2、spider

3、Decoder

burp advanced

1、Scanner

2、intruder

3、Repeater

4、compare

5、sequencer


Burp Suite is an integrated penetration testing tool that contains many functions that can help us efficiently complete penetration testing and attacks on web applications.

Burpsuite Basics

Burp works as an intercepting proxy: all network traffic that passes through the proxy, such as the client's request data and the server's response, is captured. Burp Suite mainly intercepts traffic of the HTTP and HTTPS protocols. By sitting between the two sides as a man-in-the-middle, Burp can inspect and process the client's requests and the server's responses in various ways, which is what makes security testing possible.

1、Proxy

Burp Proxy is the core of the testing process using Burp. Through the proxy mode, we can intercept, view, and modify all data transmitted between the client and the server.

The interception function of Proxy mainly consists of five functions in the Intercept tab.

**Forward:** sends the intercepted data packet, or the modified data packet, on to the server.

**Drop:** discards the currently intercepted data packet.

**Interception is on:** indicates that interception is turned on; a single click changes it to Interception is off, meaning interception is turned off.

**Action:** the data packet can be sent on to other components such as Spider, Scanner, Repeater and Intruder for further testing. The request method of the packet and the encoding of its body can also be changed here.

We can view the entity content, message headers, request parameters and other information of a request in the message analysis area of Burp Suite. Burp has four message views for displaying data packets:

**Raw:** displays the web request in its raw format as plain text. These messages can be modified by hand to conduct penetration tests against the server.

**Params:** mainly displays the parameters sent by the client, including GET or POST request parameters and cookie parameters.

**Headers:** displays the header information of the packet as name and value pairs.

**Hex:** the binary content corresponding to the Raw view, which can be modified with the hex editor.

2、spider

Target: the spider crawling function in the site map helps us understand the structure of the system. The content crawled by the spider is displayed in the Target tab. The left side of the interface is a host and directory tree; select a specific branch to view the corresponding request and response.

3、Decoder

Decoder is the encoding, decoding and hash conversion tool built into Burp. It can apply various encoding and decoding operations to raw data.

burp advanced

1、Scanner

It is mainly used to automatically detect various vulnerabilities in the web system. First, turn off proxy interception in Burp Suite.

2、intruder

This is a highly configurable tool that can automate attacks on web applications, such as enumerating usernames, IDs and account passwords through identifiers, fuzzing, SQL injection, cross-site attacks, directory traversal, and so on.

3、Repeater

Repeater is a tool for manually modifying and re-sending individual HTTP requests and analyzing their responses. Its biggest strength is that it works together with the other Burp tools: the target site map, proxy browsing history and Intruder attack results can all be sent to Repeater, and manually adjust

4、compare

It mainly provides a visual difference comparison function for comparing and analyzing the differences between two pieces of data.

5、sequencer

A tool for analyzing the randomness quality of data samples. It can be used to test whether the application's session tokens and password reset tokens are predictable. It has three parts: information interception, manual loading, and analysis options.
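As an added illustration of what Sequencer's character-level analysis measures (this is example code, not part of the original post and not Burp Suite's own implementation), the following Python estimates the entropy of each character position over a sample of tokens and compares a counter-based session id with a uniformly random one. The samples are constructed, and `assess`, its 50% predictability cut-off and the 64-bit minimum are the example's own assumptions.

```python
import math
import random
from collections import Counter

def position_entropy(tokens):
    """Shannon entropy (bits) of the character at each position across the
    sample: a character-level view of how much each position really varies."""
    length = len(tokens[0])
    if any(len(t) != length for t in tokens):
        raise ValueError("all tokens in the sample must have the same length")
    n = len(tokens)
    entropies = []
    for i in range(length):
        counts = Counter(t[i] for t in tokens)
        entropies.append(-sum(c / n * math.log2(c / n) for c in counts.values()))
    return entropies

def estimate_bits(tokens):
    """Sum of per-position entropies: an upper bound on effective randomness
    (positions are treated as independent; correlations only lower it)."""
    return sum(position_entropy(tokens))

def max_bits(tokens):
    """Bits the token could carry if every position were uniform over the
    alphabet seen in the sample (16 symbols for hex, 64 for base64)."""
    return len(tokens[0]) * math.log2(len(set("".join(tokens))))

def assess(tokens, min_bits=64):
    """Two verdicts: predictable (far below what the length allows) and
    too_short (below min_bits even if every character were random)."""
    bits, ceiling = estimate_bits(tokens), max_bits(tokens)
    return {"estimated_bits": bits, "max_bits": ceiling,
            "predictable": bits < 0.5 * ceiling, "too_short": bits < min_bits}

# Constructed samples, not data captured from any real application.
def sequential_sample(n=256):
    """A 'session id' that is really a zero-padded incrementing hex counter."""
    return [f"{1000 + i:08x}" for i in range(n)]

def random_sample(n=256, seed=1234):
    """Eight hex characters from a seeded PRNG so the demo is repeatable; a
    real token generator must use the secrets module, never random."""
    rng = random.Random(seed)
    return [f"{rng.getrandbits(32):08x}" for _ in range(n)]

if __name__ == "__main__":
    for name, sample in ("sequential", sequential_sample()), ("random", random_sample()):
        print(name, [round(h, 2) for h in position_entropy(sample)], assess(sample))
```

Sequencer works on far larger samples and runs additional bit-level tests; a good score on a small check like this is a necessary condition for an unpredictable token, not proof of one.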


Origin blog.csdn.net/hmysn/article/details/126029549