What is Burp Suite?
OWASP ZAP (Zed Attack Proxy) is an open-source web application security scanner and proxy developed by the Open Web Application Security Project (OWASP). It is designed for testing web applications for security vulnerabilities during development and before deployment.
OWASP ZAP provides a wide range of features for both manual and automated testing of web applications. Some of its key features include:
- Intercepting and modifying HTTP/HTTPS requests and responses for testing purposes.
- Spidering functionality to automatically discover and map out the structure of a web application.
- Active and passive scanning for identifying common security vulnerabilities such as cross-site scripting (XSS), SQL injection, and more.
- Fuzzer tools for automated testing of input validation and error handling.
- Support for scripting and automation through APIs and add-ons.
- Reporting capabilities to generate detailed reports of security findings.
{% content-ref url="https://app.gitbook.com/s/iS3hadq7jVFgSa8k5wRA/practical-ethical-hacker-notes/tools/burp-suite" %} Burp Suite {% endcontent-ref %}
```bash
wget "https://portswigger.net/burp/releases/startdownload?product=community&version=2023.12.1.5&type=Jar" -O burpsuite.jar
_JAVA_AWT_WM_NONREPARENTING=1 java -jar burpsuite.jar >/dev/null 2>&1 &
```
Alternatively, we can launch it from the GUI.
We can redirect browser traffic to Burp Suite either by configuring the browser's proxy settings or by installing and configuring a browser extension (for example FoxyProxy):
{% embed url="https://portswigger.net/burp/documentation/desktop/external-browser-config/browser-config-firefox" %}
{% embed url="https://null-byte.wonderhowto.com/how-to/use-burp-foxyproxy-easily-switch-between-proxy-settings-0196630/" %}
The following command starts Chromium configured for Burp: it uses a dedicated profile directory (so these relaxed settings stay separate from normal browsing), sends traffic to the proxy on a dedicated IP:port, keeps loopback traffic proxied as well so that local web PT targets are captured too, and ignores certificate errors:
```bash
chromium \
--user-data-dir=pt-activity \
--proxy-server=127.0.0.1:8080 \
--ignore-certificate-errors \
--proxy-bypass-list="<-loopback>" \
>/dev/null 2>&1 &
```
Download the CA certificate from Burp's default page at localhost:8080 by clicking on CA Certificate (this downloads the cacert.der file), or export it directly from the Burp Suite app via the tab Tools -> Proxy -> Proxy Listeners -> Import/Export CA Certificate,
and import it in Chromium's dedicated certificate settings section:
```
chrome://settings/certificates
```
The site map shows the information that Burp collects as you explore your target application. It builds a hierarchical representation of the content from a number of sources. These include information from scans, and the URLs you discover as you browse the target manually. You can also see:
- A list of the contents.
- Full requests and responses for individual items.
- Full information about any security issues that Burp discovers.
{% embed url="https://portswigger.net/burp/documentation/desktop/tools/target/site-map" %}
Burp Intruder is a tool for automating customized attacks against web applications. It enables you to configure attacks that send the same HTTP request over and over again, inserting different payloads into predefined positions each time.
{% embed url="https://portswigger.net/burp/documentation/desktop/tools/intruder" %}
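The following is an added example (not Burp's own code) that reproduces the Intruder mechanism described above in plain Python: payload positions are marked in a raw request template with `§…§` markers, a sniper run substitutes every payload into one position at a time while the other positions keep their base value, a battering-ram run puts the same payload into every position, and each generated request is sent and summarised by status code and response length, which is how differences between responses are spotted in the results table. The target is a constructed loopback stand-in server defined in the same file (ids 1-3 exist, anything else returns 404); the `§` marker syntax, the mode names and all sample values are assumptions for the demo.

```python
import http.client
import re
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlsplit

# Payload positions are marked Intruder-style: §base-value§ (assumed marker syntax)
MARKER = re.compile(r"§([^§]*)§")


def positions(template: str):
    """Return the base value of every §…§ payload position, in order."""
    return [m.group(1) for m in MARKER.finditer(template)]


def render(template: str, values) -> str:
    """Replace the i-th marker with values[i]; None keeps that position's base value."""
    out, last = [], 0
    for i, m in enumerate(MARKER.finditer(template)):
        out.append(template[last:m.start()])
        out.append(m.group(1) if values[i] is None else values[i])
        last = m.end()
    out.append(template[last:])
    return "".join(out)


def sniper(template: str, payloads):
    """Sniper mode: each position in turn receives every payload; the others keep their base."""
    n = len(positions(template))
    for i in range(n):
        for p in payloads:
            values = [None] * n
            values[i] = p
            yield render(template, values)


def battering_ram(template: str, payloads):
    """Battering ram mode: the same payload goes into every position at once."""
    n = len(positions(template))
    for p in payloads:
        yield render(template, [p] * n)


def send_raw(raw: str, host: str, port: int):
    """Send one raw HTTP/1.1 request text to host:port; return (status, body length)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method, path, _version = lines[0].split(" ", 2)
    headers = dict(line.split(": ", 1) for line in lines[1:] if line)
    conn = http.client.HTTPConnection(host, port, timeout=5)
    conn.request(method, path, body=body or None, headers=headers)
    resp = conn.getresponse()
    length = len(resp.read())
    conn.close()
    return resp.status, length


def run_sniper(template: str, payloads, host: str, port: int):
    """Run a sniper series and collect (request line, status, length) for each request."""
    results = []
    for req in sniper(template, payloads):
        status, length = send_raw(req, host, port)
        results.append((req.split("\r\n", 1)[0], status, length))
    return results


class DemoHandler(BaseHTTPRequestHandler):
    """Constructed stand-in target: ids 1-3 exist (200 with a body), anything else is 404."""

    def do_GET(self):
        item = parse_qs(urlsplit(self.path).query).get("id", [""])[0]
        if item in ("1", "2", "3"):
            status, body = 200, f"item {item}: " + "x" * (10 * int(item))
        else:
            status, body = 404, "not found"
        data = body.encode()
        self.send_response(status)
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

    def log_message(self, *args):  # keep the demo quiet
        pass


def start_demo_server():
    """Start the stand-in target on a free loopback port; returns the server object."""
    srv = HTTPServer(("127.0.0.1", 0), DemoHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


if __name__ == "__main__":
    srv = start_demo_server()
    template = "GET /item?id=§0§ HTTP/1.1\r\nHost: demo.local\r\n\r\n"  # constructed request
    for line, status, length in run_sniper(template, ["1", "2", "5"], "127.0.0.1", srv.server_address[1]):
        print(f"{status} {length:>4}  {line}")
    srv.shutdown()
```

Sorting the results by status and length is the usual way to pick out the responses worth a closer look in Repeater; in Burp itself the same comparison is done from the Intruder results table.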
Burp Decoder enables you to transform data using common encoding and decoding formats. You can use Decoder to:
- Manually decode data.
- Automatically identify and decode recognizable encoding formats, such as URL-encoding.
- Transform raw data into various encoded and hashed formats.
Decoder enables you to apply layers of transformations to the same data. This enables you to unpack or apply complex encoding schemes. For example, to generate modified data in the correct format for an attack, you could:
- Apply URL-decoding, then HTML-decoding.
- Edit the decoded data.
- Reapply the HTML-encoding, then the URL-encoding.
{% embed url="https://portswigger.net/burp/documentation/desktop/tools/decoder" %}
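As an added example (not Burp's own code), the Python below implements the layered Decoder workflow described above with the standard library: a `smart_decode` step that identifies and peels recognisable URL- and HTML-encoding layers, an edit of the decoded data, and re-application of the same layers in reverse order so the result is in the format the application expects. The layer names, the detection heuristics and the sample value are assumptions for the demo; the page's own example (URL-decode, HTML-decode, edit, HTML-encode, URL-encode) is what the constructed sample walks through.

```python
import hashlib
import html
import re
import urllib.parse

# Single transformation layers, keyed by the name a Decoder-style UI would show (assumed names).
TRANSFORMS = {
    "url-decode": urllib.parse.unquote,
    "url-encode": lambda s: urllib.parse.quote(s, safe=""),
    "html-decode": html.unescape,
    "html-encode": lambda s: html.escape(s, quote=True),
    "sha256": lambda s: hashlib.sha256(s.encode()).hexdigest(),
}

# Which encode layer undoes which decode layer, used to re-apply layers in reverse.
INVERSE = {"url-decode": "url-encode", "html-decode": "html-encode"}


def transform(data: str, steps) -> str:
    """Apply a chain of named layers in order, like stacking transformations in Decoder."""
    for step in steps:
        data = TRANSFORMS[step](data)
    return data


def guess_layer(data: str):
    """Identify the outermost recognisable encoding, or None when the data looks plain."""
    if re.search(r"%[0-9A-Fa-f]{2}", data):
        return "url-decode"
    if re.search(r"&(#\d+|#x[0-9A-Fa-f]+|[A-Za-z]+);", data):
        return "html-decode"
    return None


def smart_decode(data: str, max_layers: int = 8):
    """Peel recognisable layers one at a time; returns (plain data, layers applied)."""
    applied = []
    for _ in range(max_layers):
        step = guess_layer(data)
        if step is None:
            break
        decoded = TRANSFORMS[step](data)
        if decoded == data:  # e.g. an unknown entity like &foo; that html.unescape leaves alone
            break
        data, applied = decoded, applied + [step]
    return data, applied


def edit_and_reencode(encoded: str, old: str, new: str) -> str:
    """Decode all layers, edit the plaintext, then re-apply the same layers in reverse order."""
    plain, layers = smart_decode(encoded)
    edited = plain.replace(old, new)
    return transform(edited, [INVERSE[layer] for layer in reversed(layers)])


if __name__ == "__main__":
    # Constructed sample: HTML-encoded markup that was then URL-encoded.
    sample = "%26lt%3Bb%26gt%3Bhello%26lt%3B%2Fb%26gt%3B"
    print(smart_decode(sample))                         # ('<b>hello</b>', ['url-decode', 'html-decode'])
    print(edit_and_reencode(sample, "hello", "world"))  # %26lt%3Bb%26gt%3Bworld%26lt%3B%2Fb%26gt%3B
```

The detection is deliberately simple (a `%XX` sequence or an `&name;` entity); Decoder's own smart decode recognises more formats, and for anything ambiguous it is safer to pick the layers by hand, which `transform` supports directly.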
Burp Repeater is a tool that enables you to modify and send an interesting HTTP or WebSocket message over and over.
You can use Repeater for all kinds of purposes, for example to:
- Send a request with varying parameter values to test for input-based vulnerabilities.
- Send a series of HTTP requests in a specific sequence to test for vulnerabilities in multi-step processes, or vulnerabilities that rely on manipulating the connection state.
- Manually verify issues reported by Burp Scanner.
{% embed url="https://portswigger.net/burp/documentation/desktop/tools/repeater" %}
{% embed url="https://github.com/LeonardoE95/yt-en/blob/main/src/2024-02-18-web-exploitation-burpsuite/content/notes.org" %}