401 Reading 38 - marsecguy/reading-notes-cyberops GitHub Wiki

Burp Suite

1. Explain how Burp Suite allows us to analyze web application traffic.

   • Burp Suite works as a proxy between the browser and the web server to intercept incoming and outgoing traffic. The traffic can be held for analysis before allowing it to proceed to the destination.

2. What does the Repeater tool allow us to do with requests?

   • "Repeater allows you to import a web request and then make manual modifications to it and see the response side by side allowing you to make minor adjustments to attempted exploits and easily see if it’s working."

3. Why might this be a useful tool for an attacker?

   • An attacker can view, test and tweak the web request to get the response they desire and search for vulnerabilities on the web server.

Source: Technipages