Penetration Testing with BurpSuite – An introduction
How to get BurpSuite?It is available as a free download with limited but extremely capable functionality. In free edition, you will find tools like Proxy, Spider, Repeater, Sequencer, Decoder, Comparer and we can inspect and modify traffic between the browser and the target application, using the intercepting Proxy. In Professional Edition many powerful features are there to make your work faster and more effective which let you find more vulnerabilities in a shorter time. You can benefit from numerous high-value features, including search, target analysis, content discovery, and task scheduling. The tools which can be found in Professional Edition along with what is available in Free Edition are Intruder, scanner, save and restore, search, Target analyser, content discovery, task scheduler. However, the professional edition is affordably priced and well worth the investment if you are serious about web penetration testing. You can obtain a licensed copy here: https://portswigger.net/buy/
Features of Various Tools in BurpsuiteBurpSuite consists of various tools which are responsible for performing several testing activities. Individual tools can be used at different stages of testing as you progress at each stage to perform different actions. Features of each tool has been briefed below:
- The Burp Target tool shows the site map with detailed information about your target applications that are in scope of your current work and helps you drive the process of testing for vulnerabilities.
- Burp Proxy allows you to intercept, view and modify all requests and responses passing between your browser and destination web servers. You can also modify and play with the raw traffic passing in both directions.
- Burp Spider is a tool for automatically crawling web applications. It uses various intelligent techniques to generate an inventory of an application’s content and functionality.
- Burp Scanner is used to test for XSS vulnerabilities which may occur anywhere where an application includes in responses data that originated from any untrusted source.
- Burp Intruder is a powerful tool for carrying out automated customized attacks against web applications. It is highly configurable and can be used to perform a wide range of tasks to make your testing faster and more effective.
- Burp Repeater is a simple tool for manually manipulating and reissuing individual HTTP requests, and analysing the application’s responses. You can send a request to Repeater from anywhere within Burp, modify the request and issue it over and over.
- SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. Burp is used to Detect SQL Injection Flaws.
- Burp Decoder is a simple tool for transforming encoded data into its canonical form, or for transforming raw data into various encoded and hashed forms. It is capable of intelligently recognizing several encoding formats using heuristic techniques.
- Burp Comparer is a utility for performing a visual “diff” between any two items of data, such as pairs of similar HTTP messages.
- Save and Restore feature of Burp lets you save the state and configuration of the key tools, and restore this on another occasion. This facility is of huge benefit to penetration testers, enabling you to seamlessly resume yesterday’s work, perform backups of key information throughout a job, and take a complete archive of the information accumulated at the end of an engagement.
- Target Analyser can be used to analyse a target web application and tell you how many static and dynamic URLs it contains, and how many parameters each URL takes. This can help you assess how much effort a penetration testing engagement is likely to involve, and can help you decide where to focus your attention during the test itself.
- Task Scheduler can be used to automatically start and stop certain tasks at defined times and intervals. You can use the task scheduler to start and stop certain automated tasks out of hours while you are not working, and to save your work periodically or at a specific time.
- Content Discovery function can be used to discover content and functionality which is not linked from visible content that you can browse to or spider.
- Burp provides various functions that let you search for different items like Simple text search, find comments, find scripts, and find references to a particular URL. Suite-wide searches can be performed.
How to Use BurpSuite to Perform Security TestingA typical process of security testing consists of three high-level steps:
- Identification of the scope of security testing
- Performing the tests (including intrusion)