utkarsh-bhargava
null Bhopal Monthly Meet, May 2016
About me:
● Utkarsh Bhargava
● @U7KAR5H
● Not a Hacker
● Chapter Lead @ null Bhopal
INTRODUCTION TO BURP
MORE THAN JUST A SILLY NAME
• Burp is a proxy-based web application testing tool
• De facto standard for manual web app testing
• Free and paid-for versions available
• Other options are available
– OWASP ZAP – upcoming open-source alternative
– Telerik Fiddler – primarily Windows-based alternative
WHY PROXIES?
• Intercept and modify traffic between client and server
• Bypass any JavaScript restrictions
• Access hidden fields
• Modify headers
• Modify cookies
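Because a proxy can rewrite anything the browser sends, every check the list above mentions has to be repeated on the server. The following is an added example, not part of the original slides; the catalogue, session store and field names are constructed for illustration.

```python
# Added example: server-side checks that still hold when a proxy rewrites the request.
# CATALOGUE, SESSIONS and all field names are hypothetical, constructed for illustration.
from decimal import Decimal

CATALOGUE = {"sku-100": Decimal("49.99"), "sku-200": Decimal("5.00")}  # server-side prices
SESSIONS = {"s3ss10n-abc": {"user": "alice", "role": "customer"}}      # server-side sessions
MAX_QTY = 10  # the same limit the page's JavaScript enforces in the browser


class Rejected(Exception):
    """Raised when a request fails server-side validation."""


def price_order(form: dict, cookies: dict) -> dict:
    """Price an order using only values the server controls or has re-validated."""
    # Identity and role come from the session store, never from a 'role' cookie.
    session = SESSIONS.get(cookies.get("session_id", ""))
    if session is None:
        raise Rejected("unknown session")

    # Re-check what the client-side script was supposed to enforce.
    try:
        qty = int(form.get("quantity", ""))
    except (TypeError, ValueError):
        raise Rejected("quantity is not an integer")
    if not 1 <= qty <= MAX_QTY:
        raise Rejected("quantity out of range")

    # The hidden 'price' field is ignored; the price is looked up by SKU.
    sku = form.get("sku", "")
    if sku not in CATALOGUE:
        raise Rejected("unknown sku")

    return {"user": session["user"], "role": session["role"],
            "sku": sku, "quantity": qty, "total": CATALOGUE[sku] * qty}


if __name__ == "__main__":
    # Constructed request as it might look after being edited in an intercepting proxy:
    # hidden 'price' field lowered, 'role' cookie changed.
    form = {"sku": "sku-100", "quantity": "2", "price": "0.01"}
    cookies = {"session_id": "s3ss10n-abc", "role": "admin"}
    print(price_order(form, cookies))
```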
BURP TOUR – SITEMAP
BURP TOUR – SCOPE
BURP TOUR – INTERCEPT
BURP TOUR – HTTP HISTORY
BURP TOUR – SPIDER
BURP TOUR – SCANNER
BURP TOUR – INTRUDER
BURP TOUR – REPEATER
BURP TOUR – SEQUENCER
BURP TOUR – DECODER
BURP TOUR – OPTIONS
That's all!!!
● Any questions?
● Thank you