burpsuite the intruder module is very powerful, before using this module requires the use of proxy module captures data packet is then sent to the desired position and mark the need to attack the intruder, here are four modes passing, the article content basis for comparison.
Total test request 1.sniper (sniper) This mode using a single set of payload parameters requested by one position multiplied by the number of payload
example: a total of two position three tests for each set number of payload, so a total of 6 requests
2.Battering ram (battering ram) this mode using a single set of payload, or a plurality of variable position tag each request with the same payload
may be used a plurality of payload (fork) this mode 3.Pitchfor group,
for example: two location markers are provided corresponding to two request dictionaries payload 1-12-2 way
4.Cluster bomb (projection bomblets many cluster bomb explosion) mode using a plurality of such payload group, similar patterns Cartesian product 1-11-22-12-2 mode
reference articles: https://blog.csdn.net/u011975363/article/details/79874971
burpsuite in intruder attack mode four modules
Guess you like
Origin blog.csdn.net/qq_45237725/article/details/104235260
Recommended
Ranking