What Is Burp Suite

Burpsuite - Tool Description

So What Is Burp Suite

What is Burp Suite you ask? Burp Suite is a Java based Web Penetration Testing framework. It has become an industry standard suite of tools used by information security professionals to identify vulnerabilities and verify attack vectors for web-based applications.

In its simplest form, Burp Suite can be classified as an Interception Proxy. A penetration tester configures their Internet browser to route traffic through the proxy which then acts as a sort of Man In The Middle by capturing and analyzing each request and response to and from the target web application. Individual HTTP requests can be paused, manipulated and replayed back to the web server for targeted analysis of parameter specific injection points. Injection points can be specified for manual as well as automated fuzzing attacks to discover potentially unintended application behaviors, crashes and error messages.

Burp Suite Training

Burp Suite: Source

Burpsuite is created by: PortSwigger Web Security
It is available as a free download with limited but extremely capable functionality. However, the commercial suite is affordably priced and well worth the investment if you are serious about web penetration testing. You can obtain a licensed copy here: https://portswigger.net/buy/

Burp Suite: Related Content

Below are some of Pentest Geek’s articles which feature Burpsuite and are intended for educational purposes. If you desire a more complete understanding of the many capabilities and features you might enjoy purchasing the Web Application hackers Handbook.

Recent Posts

Latest Course

Penetration Testing



Web Application Hacking