Review: Burp Suite - Web App Testing Tools

Review: Burp Suite - Web Application Security Testing Tool Suite

Review of the Free & Open Source Software (FOSS) digital forensics (computer forensics) tools included in the SANS Investigative Forensic Toolkit (SIFT) Workstation.

REVIEW SUMMARY

Burp Suite is an integrated platform for performing security testing of web applications. Burp's tools are integrated to support the entire web application testing process, from initial mapping and analysis of application attack surfaces through finding and exploiting security vulnerabilities. Burp provides flexible control to the web application tester, allowing him/her to combine sophisticated manual techniques with state-of-the-art automation.

Burp Suite contains the following key tools:

• Intercepting Proxy tool: allows you to inspect and modify traffic between your browser and the target application;
  
• Application-aware Spider tool: allows you to crawl web content and application functionality;
  
• Application-aware Scanner tool: automates the detection of numerous types of vulnerabilities;
  
• Intruder tool: executes powerful customized attacks to find and exploit unusual vulnerabilities;
  
• Repeater tool: supports manipulating and resending individual requests; and
  
• Sequencer tool: tests the randomness of session tokens.
  

Burp is relatively easy to use and is customizable. It is highly recommended for both cybersecurity noobs and certified ethical hackers.

Reviewer: Editor, CybersecurityForum
Cybersecurity Software Reviewed: Burp Suite - Web Application Security Testing Tool Suite
Date Published: 12/15/2019
Editor Rating: 3.5 / 5 Stars