BurpSuite

Ace your homework & exams now with Quizwiz!

BurpSuite

a framework of web application pentesting tools, is widely regarded as the de facto tool to use when performing web app testing.

Comparer

a tool that can be used to compare different responses or other pieces of data such as site maps or proxy histories ; very similar to the Linux tool 'diff'

Target Tab

allows users to perform the following : defining our scope, viewing a site map, and specifying issue definitions

"Happy Path"

browsing a website with lowest privilege as a normal user would in order to discover the full extent of the site

Repeater

Burp Suite Component : 'repeats' requests that have previously been made with or without modification; often used in precursor step to fuzzing with the aforementioned Intruder

Decoder

Burp Suite Component : a tool that allows us to perform various transforms on pieces of data ; these transforms vary from decoding/encoding to various bases or URL encoding

Proxy

Burp Suite Component : allows us to funnel traffic through Burp suite for further analysis.

Sequencer

Burp Suite Component : analyzes the 'randomness' present in parts of the web app which are intended to be unpredictable ; commonly used for testing session cookies

Scanner

Burp Suite Component : automated web vulnerability scanner that can highlight areas of the application for further manual investigation or possible exploitation with another section of Burp (Premium version)

Intruder

Burp Suite Component : incredibly powerful tool for everything from field fuzzing to credential stuffing and more

Extender

Burp Suite Component : similar to adding mods in video games, this tool allows us to add components such as tool integration, additional scan definitions, and more

Target

Burp Suite Component : used to set the scope of a project; can also be used to effectively create a site map of the application we are testing.


Related study sets

Nurs 1182 Hypo/hyperthermia Week 4 Adults

View Set

Computer Science 202 Midterm (chapters 9-12)

View Set

Chapter 10: Fluid and Electrolytes

View Set

Sin, cos, tan of 30, 60, 45, 0, 90, 180, 270, 360

View Set

Chapter 11: Production, Operations, and Supply Chain Management

View Set

Chapter 9: Learning, Memory, and Product Positioning

View Set

W3: Acid-Base, Pulmonary Embolism

View Set

NURS2120- Final Exam Study Guide - Even Chapters

View Set

Chapter 17 Adaptive Immunity: Specific Defenses of the Host

View Set

Week #15 Waterways of the United States

View Set