Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Burp Suite Cookbook
  • Table Of Contents Toc
  • Feedback & Rating feedback
Burp Suite Cookbook

Burp Suite Cookbook

By : Dr. Sunny Wear
5 (7)
Buy this Book
close
close
Burp Suite Cookbook

Burp Suite Cookbook

5 (7)
By: Dr. Sunny Wear
Buy this Book

Overview of this book

With its many features, easy-to-use interface, and flexibility, Burp Suite is the top choice for professionals looking to strengthen web application and API security. This book offers solutions to challenges related to identifying, testing, and exploiting vulnerabilities in web applications and APIs. It provides guidance on identifying security weaknesses in diverse environments by using different test cases. Once you’ve learned how to configure Burp Suite, the book will demonstrate the effective utilization of its tools, such as Live tasks, Scanner, Intruder, Repeater, and Decoder, enabling you to evaluate the security vulnerability of target applications. Additionally, you’ll explore various Burp extensions and the latest features of Burp Suite, including DOM Invader. By the end of this book, you’ll have acquired the skills needed to confidently use Burp Suite to conduct comprehensive security assessments of web applications and APIs.
Table of Contents (14 chapters)
close
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Conventions used
Sections
Get in touch
Share your thoughts
Download a free PDF copy of this book
Free Chapter
1
Chapter 1: Getting Started with Burp Suite
chevron up
Chapter 1: Getting Started with Burp Suite
Downloading Burp Suite (Community and Professional editions)
Setting up a web app pentesting lab
Creating a PortSwigger account to access Web Security Academy
Starting Burp Suite at a command line or as an executable
Listening for HTTP traffic using Burp
2
Chapter 2: Getting to Know the Burp Suite of Tools
Chapter 2: Getting to Know the Burp Suite of Tools
Technical requirements
Setting the Target Site Map
Understanding the message editor
Repeating with Repeater
Decoding with Decoder
Intruding with Intruder
3
Chapter 3: Configuring, Crawling, Auditing, and Reporting with Burp
Chapter 3: Configuring, Crawling, Auditing, and Reporting with Burp
Technical requirements
Establishing trust over HTTPS
Setting project configurations
Setting user configurations
Crawling target sites
Creating a custom scan script
Reporting issues
4
Chapter 4: Assessing Authentication Schemes
Chapter 4: Assessing Authentication Schemes
Technical requirements
Testing for account enumeration and guessable accounts
Testing for weak lockout mechanisms
Testing for bypassing authentication schemes
Testing for browser cache weaknesses
Testing the account provisioning process via the REST API
5
Chapter 5: Assessing Authorization Checks
Chapter 5: Assessing Authorization Checks
Technical requirements
Testing for directory traversal
Testing for LFI
Testing for RFI
Testing for privilege escalation
Testing for IDOR
6
Chapter 6: Assessing Session Management Mechanisms
Chapter 6: Assessing Session Management Mechanisms
Technical requirements
Testing session token strength using Sequencer
Testing for cookie attributes
Testing for session fixation
Testing for exposed session variables
Testing for cross-site request forgery
7
Chapter 7: Assessing Business Logic
Chapter 7: Assessing Business Logic
Technical requirements
Testing business logic data validation
Unrestricted file upload – bypassing weak validation
Performing process-timing attacks
Testing for the circumvention of workflows
Uploading malicious files – polyglots
8
Chapter 8: Evaluating Input Validation Checks
Chapter 8: Evaluating Input Validation Checks
Technical requirements
Testing for reflected cross-site scripting
Testing for stored cross-site scripting
Testing for HTTP verb tampering
Testing for HTTP parameter pollution
Testing for SQL injection
Testing for command injection
9
Chapter 9: Attacking the Client
Chapter 9: Attacking the Client
Technical requirements
Testing for clickjacking
Testing for DOM-based cross-site scripting
Leveraging DOM Invader for testing DOM XSS
Testing for JavaScript execution
Testing for HTML injection
Testing for client-side resource manipulation
10
Chapter 10: Working with Burp Suite Macros and Extensions
Chapter 10: Working with Burp Suite Macros and Extensions
Technical requirements
Creating session-handling macros
Getting caught in the cookie jar
Adding great pentester plugins
Creating new issues via the Add & Track Custom Issues extension
Working with the Active Scan++ extension
Using Burp Suite extensions for bug bounties
11
Chapter 11: Implementing Advanced Topic Attacks
Chapter 11: Implementing Advanced Topic Attacks
Technical requirements
Performing XXE attacks
Working with JWTs
Using Burp Suite Collaborator to determine SSRF
Testing CORS
Performing Java deserialization attacks
Hacking GraphQL using Burp Suite
12
Index
Index
Why subscribe?
13
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share your thoughts
Download a free PDF copy of this book

Listening for HTTP traffic using Burp

Burp is described as an intercepting proxy. This means Burp sits between the user’s web browser and the application’s web server and intercepts or captures all the traffic flowing between them. This type of behavior is commonly referred to as a proxy service.

Penetration testers use intercepting proxies to capture traffic flowing between a web browser and a web application for analysis and manipulation. For example, a tester can pause any HTTP request, thus allowing parameter tampering before the request is sent to the web server.

Intercepting proxies, such as Burp, allow testers to intercept both HTTP requests and HTTP responses. This allows a tester to observe the behavior of the web application under different conditions. And, as we shall see, sometimes the behaviors are unintended, deviating from what the original developer expected.

To see Burp Suite in action, you need to configure your Firefox browser’s Network Settings so that they point to your running instance of Burp. This enables Burp to capture all HTTP traffic that is flowing between your browser and the target web application.

Getting ready

We will configure the Firefox browser to allow Burp to listen to all HTTP traffic flowing between the browser and the OWASP BWA VM. This will allow the proxy service within Burp to capture traffic for testing purposes.

Instructions for this are available on PortSwigger at https://support.portswigger.net/customer/portal/articles/1783066-configuring-firefox-to-work-with-burp. We will step through this process in this recipe.

How to do it...

Follow these steps to start listening to all HTTP traffic using Burp:

  1. Open the Firefox browser and go to Options.
  2. In the General tab, scroll down to the Network Proxy section and then click Settings.
  3. In the Connection Settings window, select Manual proxy configuration and type in an IP address of 127.0.0.1 with the port set to 8080. Select the Use this proxy server for all protocols checkbox.

Make sure the No proxy for text box is blank, as shown in the following screenshot, and then click OK:

Figure 1.18 – Manually configuring the Firefox browser to send HTTP traffic to Burp

Figure 1.18 – Manually configuring the Firefox browser to send HTTP traffic to Burp

  1. With the OWASP BWA VM running in the background and using Firefox to browse to the URL specific to your machine (that is, the IP address shown on the Linux VM in VirtualBox), click the reload button (the arrow in a circle) to see the traffic captured in Burp.
  2. If you don’t happen to see any traffic, check whether Proxy | Intercept is holding up the request. If the button labeled Intercept is on is depressed, as shown in the following screenshot, then click the button again to disable the interception. After doing so, the traffic should flow freely into Burp, as follows:
Figure 1.19 – By default, Intercept is on

Figure 1.19 – By default, Intercept is on

In the following screenshot, the Proxy | Intercept button is disabled:

Figure 1.20 – Turning Intercept off to see traffic

Figure 1.20 – Turning Intercept off to see traffic

  1. If everything is working properly, you will see traffic in your Target | Site map tab, similar to what is shown in the following screenshot. Your IP address will be different, of course, and you may have more items shown within your Site map area. Congratulations! You now have Burp listening to all of your browser traffic!
Figure 1.21 – Confirmation of HTTP traffic flowing into Burp

Figure 1.21 – Confirmation of HTTP traffic flowing into Burp

How it works...

The Burp Proxy service is listening on 127.0.0.1 at port 8080. Either of these settings can be changed so that you can listen on an alternative IP address or port number. However, for learning purposes, we will use the default settings.

There’s more…

As a simpler alternative, you can use the browser built into Burp. To access this, go to Proxy from the top menu, choose the Intercept sub-menu, and then click the Open browser button:

Figure 1.22 – Using Burp’s built-in browser instead of using an external browser (for example, Firefox)

Figure 1.22 – Using Burp’s built-in browser instead of using an external browser (for example, Firefox)

End of Chapter 1
Next Chapter
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY