December 8, 2015

BurpSuite

Burp Suite is one of the best tools available for web application testing.  As you can see below I uncovered a GET request to a Russian domain.  Needless to say my first thought was a compromise.  Anyway, it has a wide variety of features to help you perform various tasks, like intercepting a request and modifying it on the fly,  scanning web applications for vulnerabilities, brute forcing login forms, performing a check for the randomness of session tokens, etc.

burpSuite01

Help with BurpSuite = http://resources.infosecinstitute.com/burp-suite-walkthrough/