401 Class 38: Attacking Juice Shop with Burp Suite - nataliabdallah/codefellows-ops-reading-notes GitHub Wiki


Reading: What is Burp Suite?

Explain how Burp Suite allows us to analyze web application traffic.

Many of the tools included in Burp Suite are designed to integrate with the main proxy and can have requests imported into them. For example, Intruder allows you to import a request, configure a range of payloads to attempt, and then run through them automatically.

What does the Repeater tool allow us to do with requests?

  • You can import a web request, make manual modifications to it, and see the response side by side, allowing you to make minor adjustments to attempted exploits and easily see whether they are working.

Why might this be a useful tool for an attacker?

  • You can modify session tokens, cookies, and other stateful aspects of a request to test for issues like session management vulnerabilities and privilege escalation.
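
An added example (not from the original notes or the reading) of why the cookie edits described above matter to a defender: a handler that trusts client-held claims accepts an edited role, while one that verifies a server-side HMAC rejects it. The cookie layout, key and function names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json

SERVER_KEY = b"constructed-demo-key"  # constructed value; real keys live in a secret store

def issue_cookie(claims: dict) -> str:
    """Serialize claims and append an HMAC-SHA256 tag so edits are detectable."""
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    tag = hmac.new(SERVER_KEY, body, hashlib.sha256).hexdigest()
    return f"{body.decode()}.{tag}"

def read_cookie_unsafe(cookie: str) -> dict:
    """Weak handler: decodes the claims and trusts them without checking the tag."""
    body = cookie.split(".", 1)[0]
    return json.loads(base64.urlsafe_b64decode(body))

def read_cookie_verified(cookie: str):
    """Hardened handler: returns the claims only if the tag matches, else None."""
    try:
        body, tag = cookie.split(".", 1)
        expected = hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return None
        return json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError):
        return None  # malformed cookie: treat as unauthenticated

def edit_in_transit(cookie: str, **changes) -> str:
    """Models an edit made in an intercepting proxy: claims change, old tag stays."""
    body, tag = cookie.split(".", 1)
    claims = json.loads(base64.urlsafe_b64decode(body))
    claims.update(changes)
    new_body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    return f"{new_body.decode()}.{tag}"

def demo() -> dict:
    original = issue_cookie({"user": "alice", "role": "customer"})  # constructed sample
    edited = edit_in_transit(original, role="admin")
    return {
        "unsafe_role": read_cookie_unsafe(edited)["role"],
        "verified_original": read_cookie_verified(original),
        "verified_edited": read_cookie_verified(edited),
    }

if __name__ == "__main__":
    print(demo())
```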