What Is Burpsuite

Burpsuite - Tool Description

So What Is Burpsuite

What is Burpsuite you ask? Burp Suite is a Java based Web Penetration Testing framework. It has become an industry standard suite of tools used by information security professionals to identify vulnerabilities and verify attack vectors for web-based applications.

In its simplest form, Burpsuite can be classified as an Interception Proxy. A penetration tester configures their Internet browser to route traffic through the proxy which then acts as a sort of Man In The Middle by capturing and analyzing each request and response to and from the target web application. Individual HTTP requests can be paused, manipulated and replayed back to the web server for targeted analysis of parameter specific injection points. Injection points can be specified for manual as well as automated fuzzing attacks to discover potentially unintended application behaviors, crashes and error messages.

Burpsuite: Source

Burpsuite is created by: PortSwigger Web Security
It is available as a free download with limited but extremely capable functionality. However, the commercial suite is affordably priced and well worth the investment if you are serious about web penetration testing. You can obtain a licensed copy here: https://portswigger.net/buy/

Burpsuite: Related Content

Below are some of Pentest Geek’s articles which feature Burpsuite and are intended for educational purposes. If you desire a more complete understanding of the many capabilities and features you might enjoy purchasing the Web Application hackers Handbook.


Subscribe to Pentest Geek

Follow Pentest Geek

twitterrssyoutubetwitterrssyoutube

Recent Posts

Free Course

Penetration Testing

Categories

Metasploit

Web Application Hacking

css.php