Review: Burp Suite - Web App Testing Tools


Review of the Free & Open Source Software (FOSS) digital forensics (computer forensics) tools included in the SANS Investigative Forensic Toolkit (SIFT) Workstation.


Burp Suite is an integrated platform for performing security testing of web applications. Burp’s tools are integrated to support the entire web application testing process, from initial mapping and analysis of application attack surfaces, through finding and exploiting security vulnerabilities. Burp provides flexible control to the web application tester, allowing her to combine sophisticated manual techniques with state-of-the-art automation.

Burp Suite contains the following key tools:

  • Intercepting Proxy tool: allows you to inspect and modify traffic between your browser and the target application;
  • Application-aware Spider tool: allows you to crawl web content and application functionality;
  • Application-aware Scanner tool: automates the detection of numerous types of vulnerabilities;
  • Intruder tool: executes powerful customized attacks to find and exploit unusual vulnerabilities;
  • Repeater tool: supports manipulating and resending individual requests; and
  • Sequencer tool: tests the randomness of session tokens.

Burp is relatively easy to use and is customizable. It is highly recommended for both cybersecurity noobs and certified ethical hackers.

Cybersecurity Software Reviewed: Burp Suite - Web Application Security Testing Tool Suite
Date Published: 12/15/2014
Editor Rating: 3.5 / 5 Stars

⁃ Functionality (40%)
⁃ Performance (20%)
⁃ Usability (20%)
⁃ Portability (10%)
⁃ Value (10%)


