Sign In Start Free Trial

Book Overview & Buying
Table Of Contents

Burp Suite Cookbook

By : Dr. Sunny Wear

4.9 (9)

Burp Suite Cookbook

4.9 (9)

By: Dr. Sunny Wear

Overview of this book

Burp Suite is a Java-based platform for testing the security of your web applications, and has been adopted widely by professional enterprise testers. The Burp Suite Cookbook contains recipes to tackle challenges in determining and exploring vulnerabilities in web applications. You will learn how to uncover security flaws with various test cases for complex environments. After you have configured Burp for your environment, you will use Burp tools such as Spider, Scanner, Intruder, Repeater, and Decoder, among others, to resolve specific problems faced by pentesters. You will also explore working with various modes of Burp and then perform operations on the web. Toward the end, you will cover recipes that target specific test scenarios and resolve them using best practices. By the end of the book, you will be up and running with deploying Burp for securing web applications.

Preface

Preface

Who this book is for

What this book covers

To get the most out of this book

Sections

Get in touch

Disclaimer

Targeting legal vulnerable web applications

Free Chapter

Getting Started with Burp Suite

Getting Started with Burp Suite

Introduction

Downloading Burp (Community, Professional)

Setting up a web app pentesting lab

Starting Burp at a command line or as an executable

Listening for HTTP traffic, using Burp

Getting to Know the Burp Suite of Tools

Getting to Know the Burp Suite of Tools

Introduction

Software tool requirements

Setting the Target Site Map

Understanding the Message Editor

Repeating with Repeater

Decoding with Decoder

Intruding with Intruder

Configuring, Spidering, Scanning, and Reporting with Burp

Configuring, Spidering, Scanning, and Reporting with Burp

Introduction

Software tool requirements

Establishing trust over HTTPS

Setting Project options

Setting user options

Spidering with Spider

Scanning with Scanner

Reporting issues

Assessing Authentication Schemes

Assessing Authentication Schemes

Introduction

Software tool requirements

Testing for account enumeration and guessable accounts

Testing for weak lock-out mechanisms

Testing for bypassing authentication schemes

Testing for browser cache weaknesses

Testing the account provisioning process via the REST API

Assessing Authorization Checks

Assessing Authorization Checks

Introduction

Software requirements

Testing for directory traversal

Testing for Local File Include (LFI)

Testing for Remote File Inclusion (RFI)

Testing for privilege escalation

Testing for Insecure Direct Object Reference (IDOR)

Assessing Session Management Mechanisms

Assessing Session Management Mechanisms

Introduction

Software tool requirements

Testing session token strength using Sequencer

Testing for cookie attributes

Testing for session fixation

Testing for exposed session variables

Testing for Cross-Site Request Forgery

Assessing Business Logic

Assessing Business Logic

Introduction

Software tool requirements

Testing business logic data validation

Unrestricted file upload – bypassing weak validation

Performing process-timing attacks

Testing for the circumvention of work flows

Uploading malicious files – polyglots

Evaluating Input Validation Checks

Evaluating Input Validation Checks

Introduction

Software tool requirements

Testing for reflected cross-site scripting

Testing for stored cross-site scripting

Testing for HTTP verb tampering

Testing for HTTP Parameter Pollution

Testing for SQL injection

Testing for command injection

Attacking the Client

Attacking the Client

Introduction

Software tool requirements

Testing for Clickjacking

Testing for DOM-based cross-site scripting

Testing for JavaScript execution

Testing for HTML injection

Testing for client-side resource manipulation

Working with Burp Macros and Extensions

Working with Burp Macros and Extensions

Introduction

Software tool requirements

Creating session-handling macros

Getting caught in the cookie jar

Adding great pentester plugins

Creating new issues via the Manual-Scan Issues Extension

Working with the Active Scan++ Extension

Implementing Advanced Topic Attacks

Implementing Advanced Topic Attacks

Introduction

Software tool requirements

Performing XXE attacks

Working with JWT

Using Burp Collaborator to determine SSRF

Testing CORS

Performing Java deserialization attacks

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Establishing trust over HTTPS

Since most websites implement Hypertext Transport Protocol Secure (HTTPS), it is beneficial to know how to enable Burp to communicate with such sites. HTTPS is an encrypted tunnel running over Hypertext Transport Protocol (HTTP).

The purpose of HTTPS is to encrypt traffic between the client browser and the web application to prevent eavesdropping. However, as testers, we wish to allow Burp to eavesdrop, since that is the point of using an intercepting proxy. Burp provides a root, Certificate Authority (CA) signed certificate. This certificate can be used to establish trust between Burp and the target web application.

By default, Burp's Proxy can generate a per-target CA certificate when establishing an encrypted handshake with a target running over HTTPS. That takes care of the Burp-to-web-application portion of the tunnel. We also need to address...

CONTINUE READING

83

Tech Concepts

36

Programming languages

73

Tech Tools

Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

50+ new titles added per month and exclusive early access to books as they are being written.

Burp Suite Cookbook

Search

Your notes and bookmarks