● About me :- ● @U7KAR5H

null Bhopal Monthly MeetMay 2016 ● Utkarsh

Bhargava● Not a Hacker ● Chapter Lead @ null

Bhopal

INTRODUCTION TO BURP

MORE THAN JUST A SILLY NAME• Burp is a proxy-based web application testing tool

• De-facto standard for manual web app. Testing

• Free and paid-for versions available

• Other options are available– OWASP ZAP – upcoming Open Source alternative– Telerik Fiddler – Primarily windows based alternative

WHY PROXIES?• Intercept and modify traffic between client and server

• Bypass any JavaScript restrictions

• Access hidden fields

• Modify headers

• Modify cookies

BURP TOUR – SITEMAP

BURP TOUR – SCOPE

BURP TOUR INTERCEPT

BURP TOUR – HTTP HISTORY

BURP TOUR - SPIDER

BURP TOUR - SCANNER

BURP TOUR - INTRUDER

BURP TOUR - REPEATER

BURP TOUR - SEQUENCER

BURP TOUR - DECODER

BURP TOUR – OPTIONS

Thats all !!!

● Any Questions

● Thank You