



Burp Suite Tutorial Part 2

In our last Burp Suite Tutorial we introduced some of the useful features that Burp Suite has to offer when performing a Web Application Penetration Test. In part 2 of this series we will continue to explore how to use Burp Suite including: Validating Scanner Results, Exporting Scanner Reports, Parsing XML Results, Saving a Burp Session and Burp Extensions.

How To Use Burp Suite – Validating Scanner Results

It's always a good idea to thoroughly validate the results of any automated scanning tool. Burp Suite provides everything you need to do this on the “Scanner/Results” tab. Click on a node in the left pane to see the identified vulnerabilities associated with that target. The right-hand lower pane displays the verbose Request/Response information pertaining to the specific vulnerability selected from the right-hand upper pane. The “Advisory” tab contains information about the vulnerability including a high-level detail, description and proposed recommendation. The “Request” & “Response” tabs will display exactly what Burp Suite sent to the target application in order to check for the vulnerability as well as what was returned by the application.

I highly recommend you purchase The Web Application Hacker’s Handbook. This book covers every aspect of Burp Suite in much greater detail than this tutorial and should be considered an absolute MUST READ for any professional who is serious about Web Penetration Testing and ethical hacking.

As a reminder, Pentest Geek will receive a small commission if you purchase any of these titles by following the affiliate links on this page. Some additional titles you might consider include but are definitely not limited to:
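
The validation pass described above can also be run over an exported report: this added example (not code from the original tutorial) decodes each finding's request and response and queues the findings least-certain first, flagging any that carry no request/response evidence. The element names (`issue`, `name`, `host`, `path`, `confidence`, `requestresponse`) and the `base64="true"` attribute are assumed to match Burp's XML issue export; the sample report and the host `app.example.test` are constructed.

```python
import base64
import xml.etree.ElementTree as ET

RANK = {"Tentative": 0, "Firm": 1, "Certain": 2}  # least certain first

def _issue(name, path, confidence, request=None, response=None):
    # Constructed sample <issue>; element names are assumed (see lead-in).
    enc = lambda s: base64.b64encode(s.encode()).decode()
    evidence = "" if request is None else (
        f'<requestresponse><request base64="true">{enc(request)}</request>'
        f'<response base64="true">{enc(response)}</response></requestresponse>')
    return (f"<issue><name>{name}</name><host>http://app.example.test</host>"
            f"<path>{path}</path><confidence>{confidence}</confidence>"
            f"{evidence}</issue>")

SAMPLE_XML = "<issues>" + "".join([
    _issue("SQL injection", "/item", "Certain",
           "GET /item?id=1 HTTP/1.1\r\n\r\n", "HTTP/1.1 500 Error\r\n\r\n"),
    _issue("Cross-site scripting (reflected)", "/search", "Tentative",
           "GET /search?q=test HTTP/1.1\r\n\r\n", "HTTP/1.1 200 OK\r\n\r\ntest"),
    _issue("Cookie without HttpOnly flag set", "/login", "Firm"),
]) + "</issues>"

def _decode(node):
    # Return the element text, base64-decoded when the export marks it so.
    text = (node.text or "") if node is not None else ""
    if text and node.get("base64") == "true":
        return base64.b64decode(text).decode("utf-8", "replace")
    return text

def validation_queue(xml_text):
    """Findings ordered for manual validation, least certain first."""
    queue = []
    for issue in ET.fromstring(xml_text).iter("issue"):
        request = _decode(issue.find("requestresponse/request"))
        response = _decode(issue.find("requestresponse/response"))
        queue.append({
            "name": issue.findtext("name", ""),
            "url": issue.findtext("host", "") + issue.findtext("path", ""),
            "confidence": issue.findtext("confidence", ""),
            "request": request, "response": response,
            # Without both halves the finding cannot be checked from the report.
            "has_evidence": bool(request and response),
        })
    queue.sort(key=lambda f: RANK.get(f["confidence"], -1))
    return queue

if __name__ == "__main__":
    for f in validation_queue(SAMPLE_XML):
        print(f["confidence"], f["name"], f["url"], "evidence:", f["has_evidence"])
```

Findings with an unrecognised confidence value sort to the front of the queue so they are reviewed first rather than silently trusted.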
