Review: Burp Suite - Web App Testing Tools

TOP
    PICK 

Review of the Free & Open Source Software (FOSS) digital forensics (computer forensics) tools included in the SANS Investigative Forensic Toolkit (SIFT) Workstation.

REVIEW SUMMARY

Burp Suite is an integrated platform for performing security testing of web applications. Burp’s tools are integrated to support the entire web application testing process, from initial mapping and analysis of application attack surfaces, through finding and exploiting security vulnerabilities. Burp provides flexible control to the web application tester, allowing her to combine sophisticated manual techniques with state-of-the-art automation.

Burp Suite contains the following key tools:

  • Intercepting Proxy tool: allows you to inspect and modify traffic between your browser and the target application;
  • Application-aware Spider tool: allows you to crawl web content and application functionality;
  • Application-aware Scanner tool: automates the detection of numerous types of vulnerabilities;
  • Intruder tool: executes powerful customized attacks to find and exploit unusual vulnerabilities;
  • Repeater tool: supports manipulating and resending individual requests; and
  • Sequencer tool: tests the randomness of session tokens.
Burp is relatively easy to use and is customizable. It is highly recommended for both cybersecurity noobs and certified ethical hackers.

Cybersecurity Software Reviewed: Burp Suite - Web Application Security Testing Tool Suite
Date Published: 12/15/2014
Editor Rating: 3.5 / 5 Stars

EDITOR RATINGS
⁃ Functionality (40%)
⁃ Performance (20%)
⁃ Usability (20%)
⁃ Portability (10%)
⁃ Value (10%)
⁃ OVERALL






PLATFORMS


DOWNLOAD LINKS

CYBERSECURITY FORUM and CyberSecurityForum.com are trademarks of PivotPoint Technology Corporation. All other product and service names mentioned are the trademarks of their respective companies.