Burp Suite

Industry-standard web vulnerability scanner & proxy

Description

Burp Suite is the industry-standard toolkit for web application security testing. It combines an intercepting proxy, a vulnerability scanner, and an exploitation framework in one application. The Community Edition is free; the Professional edition adds the automated scanner, the advanced Intruder, and Collaborator for out-of-band (OOB) testing. Every serious bug bounty hunter uses Burp.

Installation

BASH
# Download from PortSwigger
# https://portswigger.net/burp/communitydownload

# Kali (pre-installed)
burpsuite

# CLI launch with custom memory
java -Xmx4g -jar burpsuite_community.jar

Core Tools

  • Proxy — Intercept, inspect, and modify all HTTP/S traffic between browser and target
  • Repeater — Manually modify and resend individual requests for testing
  • Intruder — Automated payload delivery for brute force, fuzzing, and parameter testing
  • Scanner (Pro) — Automated active and passive vulnerability scanning
  • Decoder — Encode/decode data in Base64, URL, HTML, Hex, and other formats
  • Comparer — Visual diff between two requests/responses
  • Sequencer — Analyze the quality of randomness in session tokens
  • Collaborator (Pro) — Out-of-band interaction server for blind vulnerability testing
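Sequencer's character-level analysis is easy to misread without seeing what it measures. The script below is an added example, not code from Burp or from this page: it computes the Shannon entropy of each character position across a sample of session tokens and compares the total with the theoretical maximum for the alphabet. The two token sets are constructed here (a weak prefix-plus-counter scheme and tokens from the OS CSPRNG); the function names are this example's own.

```python
import math
import secrets
from collections import Counter

# Constructed sample: a weak session-token scheme (a fixed prefix followed by a
# zero-padded hexadecimal counter). Nothing about it comes from Burp or the page.
WEAK_TOKENS = [f"sess{1000 + i:08x}" for i in range(256)]

# Constructed sample: tokens drawn from the OS CSPRNG, 12 hex characters each.
STRONG_TOKENS = [secrets.token_hex(6) for _ in range(2000)]


def shannon_entropy(symbols):
    """Shannon entropy, in bits, of the symbol distribution observed in `symbols`."""
    n = len(symbols)
    return -sum((c / n) * math.log2(c / n) for c in Counter(symbols).values())


def per_position_entropy(tokens):
    """Entropy of each character position across the sample.

    This is the character-level view Sequencer gives: a position that is
    constant (or nearly so) contributes no unpredictability, however long
    the token looks.
    """
    length = len(tokens[0])
    if any(len(t) != length for t in tokens):
        raise ValueError("positional analysis needs fixed-length tokens")
    return [shannon_entropy([t[i] for t in tokens]) for i in range(length)]


def token_report(tokens, alphabet_size=16):
    """Summarise observed unpredictability against the theoretical maximum.

    `alphabet_size` is the number of distinct symbols a position could take
    (16 for hex). The observed figure is only an upper bound on true entropy:
    a deterministic generator can look uniform in this test, so a high score
    never proves a token safe, while a low score does prove it weak.
    """
    per_pos = per_position_entropy(tokens)
    observed = sum(per_pos)
    maximum = len(per_pos) * math.log2(alphabet_size)
    return {
        "length": len(per_pos),
        "observed_bits": round(observed, 2),
        "max_bits": round(maximum, 2),
        # positions carrying less than half a bit of entropy each
        "dead_positions": [i for i, e in enumerate(per_pos) if e < 0.5],
    }


if __name__ == "__main__":
    for name, sample in (("weak", WEAK_TOKENS), ("strong", STRONG_TOKENS)):
        print(name, token_report(sample))
```

For the constructed weak scheme the report shows ten of twelve positions dead and roughly 8.4 observed bits against a 48-bit maximum, which is the pattern that should trigger a finding when reviewing an application's own tokens; the CSPRNG sample sits close to the maximum with no dead positions.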

Setup

TEXT
# Browser Proxy Configuration
1. Set browser proxy → 127.0.0.1:8080
2. Visit http://burp → Download CA certificate
3. Install CA in browser certificate store (for HTTPS interception)

# Recommended: Use FoxyProxy browser extension for easy switching
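The browser is not the only client that needs to trust Burp's CA: scripted clients routed through the proxy fail TLS verification until they are given the same certificate. The script below is an added example, not from the page or from PortSwigger: it downloads the DER certificate from http://burp/cert through the 127.0.0.1:8080 listener, converts it to PEM, and builds a TLS context that trusts it. The function names and the output file name `burp-ca.pem` are this example's own.

```python
import base64
import ssl
import urllib.request

BURP_PROXY = "http://127.0.0.1:8080"   # Burp's default listener, as set up above
CERT_URL = "http://burp/cert"          # Burp serves its CA certificate here, DER-encoded


def fetch_burp_ca_der(proxy=BURP_PROXY, timeout=10):
    """Download Burp's CA certificate (DER bytes) by routing the request through the proxy."""
    # An explicit ProxyHandler overrides any http_proxy environment setting,
    # so the request reaches Burp even on a machine with a different system proxy.
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({"http": proxy}))
    with opener.open(CERT_URL, timeout=timeout) as resp:
        return resp.read()


def der_to_pem(der):
    """Wrap DER bytes as a PEM certificate (base64 in 64-column lines)."""
    b64 = base64.b64encode(der).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "-----BEGIN CERTIFICATE-----\n" + "\n".join(lines) + "\n-----END CERTIFICATE-----\n"


def pem_to_der(pem):
    """Inverse of der_to_pem, used to check the round trip."""
    body = [line for line in pem.splitlines() if line and not line.startswith("-----")]
    return base64.b64decode("".join(body))


def proxied_tls_context(ca_pem_path):
    """TLS context that trusts Burp's CA alongside the system roots.

    Loading the CA into a per-client context keeps the trust scoped to this
    script instead of every TLS client on the machine.
    """
    ctx = ssl.create_default_context()
    ctx.load_verify_locations(cafile=ca_pem_path)
    return ctx


if __name__ == "__main__":
    pem = der_to_pem(fetch_burp_ca_der())
    with open("burp-ca.pem", "w") as fh:
        fh.write(pem)
    # Scripted clients can now go through the proxy with this file as their CA, e.g.
    # with the requests library: requests.get(url, proxies={"https": BURP_PROXY}, verify="burp-ca.pem")
```

The same PEM file is what FoxyProxy-driven browsers and command-line tools such as curl (`--proxy http://127.0.0.1:8080 --cacert burp-ca.pem`) need; the DER form served by Burp is what the browser certificate store import in step 3 consumes directly.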

Essential Workflow

TEXT
# Passive Reconnaissance
1. Set scope: Target → Scope → Add target domain
2. Browse the application normally
3. Review Sitemap for discovered endpoints
4. Check HTTP history for interesting parameters

# Active Testing
1. Send interesting requests to Repeater (Ctrl+R)
2. Modify parameters — test for SQLi, XSS, IDOR
3. Use Intruder for automated fuzzing (Ctrl+I)
4. Mark payload positions with § markers
5. Load wordlists and start attack

# Blind Testing (Pro)
1. Use Collaborator for OOB testing
2. Insert Collaborator URLs in SSRF, XXE, blind XSS payloads
3. Monitor Collaborator for DNS/HTTP callbacks

Must-Have Extensions

TEXT
# Install from BApp Store (Extender tab):
Autorize          — Automated IDOR/authorization testing
Logger++          — Enhanced HTTP logging with filters
Param Miner       — Hidden parameter discovery & cache poisoning
Active Scan++     — Enhanced active scanning rules
JWT Editor        — JWT token manipulation
Turbo Intruder    — High-speed request sending for race conditions
Backslash Scanner — Server-side injection detection
Retire.js         — Detect vulnerable JavaScript libraries

Pro Tips

TEXT
# Match and Replace (auto-modify requests)
Proxy → Options → Match and Replace
# Auto-add headers, replace values, force HTTP methods

# Macro-based authentication
Project options → Sessions → Add Macro
# Keep session alive during scanning

# Scope filtering
Target → Scope → Use advanced scope control
# Only show in-scope items in HTTP history

# Hotkeys
Ctrl+R — Send to Repeater
Ctrl+I — Send to Intruder
Ctrl+U — URL-encode selection
Ctrl+Shift+U — URL-decode selection
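Match and Replace rules are easier to write once the order of operations is clear: each rule is a regex applied to header lines, the request line, or the body, an empty match on a header rule adds the header if absent, an empty replacement deletes it, and Content-Length is recomputed when the body changes. The following is an added example that models that behaviour in plain Python; it is not Burp's implementation, the `Rule` class and `apply_rules` are this example's own names, and the sample request and rules are constructed.

```python
import re
from dataclasses import dataclass


@dataclass
class Rule:
    """One Match and Replace rule, modelled on the fields in Burp's dialog.

    where:   "request_header", "request_first_line" or "request_body"
             (Burp also offers response-side equivalents, omitted here)
    match:   regex tested against each header line, the request line, or the
             body; an empty match on a header rule means "add this header if
             absent", which is how Burp behaves too
    replace: replacement text; back-references are \\1 in Python where Burp uses $1
    """
    where: str
    match: str
    replace: str


def _header_name(line):
    return line.split(":", 1)[0].strip().lower()


def apply_rules(raw_request, rules):
    """Apply the rules to one raw HTTP/1.1 request (CRLF line endings) and return the result."""
    head, sep, body = raw_request.partition("\r\n\r\n")
    request_line, *headers = head.split("\r\n")
    original_body = body

    for rule in rules:
        if rule.where == "request_first_line":
            # e.g. forcing a method: Rule("request_first_line", r"^GET ", "POST ")
            request_line = re.sub(rule.match, rule.replace, request_line)
        elif rule.where == "request_body":
            body = re.sub(rule.match, rule.replace, body)
        elif rule.where == "request_header":
            if rule.match == "":
                if _header_name(rule.replace) not in {_header_name(h) for h in headers}:
                    headers.append(rule.replace)
            else:
                rx = re.compile(rule.match)
                # A replacement of "" removes the header entirely, as in Burp.
                headers = [h for h in (rx.sub(rule.replace, h) for h in headers) if h]
        else:
            raise ValueError(f"unknown rule location: {rule.where}")

    # Burp updates Content-Length when a rule changes the body; without this a
    # modified body is truncated or leaves the server waiting for more bytes.
    if body != original_body:
        headers = [
            f"Content-Length: {len(body.encode())}" if _header_name(h) == "content-length" else h
            for h in headers
        ]

    return "\r\n".join([request_line, *headers]) + sep + body


# Constructed sample request and rules (not from the page or from Burp).
SAMPLE_REQUEST = (
    "POST /api/profile HTTP/1.1\r\n"
    "Host: app.example\r\n"
    "User-Agent: Mozilla/5.0\r\n"
    "Cookie: session=abc123\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "Content-Length: 17\r\n"
    "\r\n"
    "role=user&lang=en"
)

SAMPLE_RULES = [
    Rule("request_header", "", "X-Scanner-Id: test-run-1"),              # add a marker header
    Rule("request_header", r"^User-Agent: .*$", "User-Agent: TestClient/1.0"),
    Rule("request_header", r"^Cookie: .*$", ""),                          # drop the cookie
    Rule("request_body", r"lang=en\b", "lang=en-GB"),
]


def run_sample():
    return apply_rules(SAMPLE_REQUEST, SAMPLE_RULES)


if __name__ == "__main__":
    print(run_sample())
```

A marker header like the constructed `X-Scanner-Id` is the common defensive use of this feature: it lets the application team filter proxy-driven test traffic out of their alerting and attribute it to the engagement in their logs.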