Book Image

Burp Suite Cookbook

By : Sunny Wear
Book Image

Burp Suite Cookbook

By: Sunny Wear

Overview of this book

Burp Suite is a Java-based platform for testing the security of your web applications, and has been adopted widely by professional enterprise testers. The Burp Suite Cookbook contains recipes to tackle challenges in determining and exploring vulnerabilities in web applications. You will learn how to uncover security flaws with various test cases for complex environments. After you have configured Burp for your environment, you will use Burp tools such as Spider, Scanner, Intruder, Repeater, and Decoder, among others, to resolve specific problems faced by pentesters. You will also explore working with various modes of Burp and then perform operations on the web. Toward the end, you will cover recipes that target specific test scenarios and resolve them using best practices. By the end of the book, you will be up and running with deploying Burp for securing web applications.

Related Content you might be interested in

Current Title:

Small book image
Burp Suite Cookbook
Sunny Wear
Sep, 2018 | 358 pages
Small book image
Hands-On Application Penetration Testing with Burp Suite
Carlos A Lozano | Riyaz Ahemed Walikar | Dhruv Shah
Feb, 2019 | 366 pages
Small book image
Kali Linux Web Penetration Testing Cookbook
Gilberto NajeraGutierrez
Aug, 2018 | 404 pages
Small book image
Practical Web Penetration Testing
Gus Khawaja
Jun, 2018 | 294 pages
Table of Contents (13 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Sections
Get in touch
Disclaimer
Targeting legal vulnerable web applications
Free Chapter
1
Getting Started with Burp Suite
Getting Started with Burp Suite
Introduction
Downloading Burp (Community, Professional)
Setting up a web app pentesting lab
Starting Burp at a command line or as an executable
Listening for HTTP traffic, using Burp
2
Getting to Know the Burp Suite of Tools
Getting to Know the Burp Suite of Tools
Introduction
Software tool requirements
Setting the Target Site Map
Understanding the Message Editor
Repeating with Repeater
Decoding with Decoder
Intruding with Intruder
3
Configuring, Spidering, Scanning, and Reporting with Burp
Configuring, Spidering, Scanning, and Reporting with Burp
Introduction
Software tool requirements
Establishing trust over HTTPS
Setting Project options
Setting user options
Spidering with Spider
Scanning with Scanner
Reporting issues
4
Assessing Authentication Schemes
Assessing Authentication Schemes
Introduction
Software tool requirements
Testing for account enumeration and guessable accounts
Testing for weak lock-out mechanisms
Testing for bypassing authentication schemes
Testing for browser cache weaknesses
Testing the account provisioning process via the REST API
5
Assessing Authorization Checks
Assessing Authorization Checks
Introduction
Software requirements
Testing for directory traversal
Testing for Local File Include (LFI)
Testing for Remote File Inclusion (RFI)
Testing for privilege escalation
Testing for Insecure Direct Object Reference (IDOR)
6
Assessing Session Management Mechanisms
Assessing Session Management Mechanisms
Introduction
Software tool requirements
Testing session token strength using Sequencer
Testing for cookie attributes
Testing for session fixation
Testing for exposed session variables
Testing for Cross-Site Request Forgery
7
Assessing Business Logic
Assessing Business Logic
Introduction
Software tool requirements
Testing business logic data validation
Unrestricted file upload – bypassing weak validation
Performing process-timing attacks
Testing for the circumvention of work flows
Uploading malicious files – polyglots
8
Evaluating Input Validation Checks
Evaluating Input Validation Checks
Introduction
Software tool requirements
Testing for reflected cross-site scripting
Testing for stored cross-site scripting
Testing for HTTP verb tampering
Testing for HTTP Parameter Pollution
Testing for SQL injection
Testing for command injection
9
Attacking the Client
Attacking the Client
Introduction
Software tool requirements
Testing for Clickjacking
Testing for DOM-based cross-site scripting
Testing for JavaScript execution
Testing for HTML injection
Testing for client-side resource manipulation
10
Working with Burp Macros and Extensions
Working with Burp Macros and Extensions
Introduction
Software tool requirements
Creating session-handling macros
Getting caught in the cookie jar
Adding great pentester plugins
Creating new issues via the Manual-Scan Issues Extension
Working with the Active Scan++ Extension
11
Implementing Advanced Topic Attacks
Implementing Advanced Topic Attacks
Introduction
Software tool requirements
Performing XXE attacks
Working with JWT
Using Burp Collaborator to determine SSRF
Testing CORS
Performing Java deserialization attacks
12
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Establishing trust over HTTPS

Since most websites implement Hypertext Transport Protocol Secure (HTTPS), it is beneficial to know how to enable Burp to communicate with such sites. HTTPS is an encrypted tunnel running over Hypertext Transport Protocol (HTTP).

The purpose of HTTPS is to encrypt traffic between the client browser and the web application to prevent eavesdropping. However, as testers, we wish to allow Burp to eavesdrop, since that is the point of using an intercepting proxy. Burp provides a root, Certificate Authority (CA) signed certificate. This certificate can be used to establish trust between Burp and the target web application.

By default, Burp's Proxy can generate a per-target CA certificate when establishing an encrypted handshake with a target running over HTTPS. That takes care of the Burp-to-web-application portion of the tunnel. We also need to address...

Previous Section
End of Section 4
Next Section