One tool that can be used for all sorts of penetration testing, either it be using it to manipulate the packets to buy stuff for free or to carry out a massive dictionary attack to uncover a huge data breach. It’s always a dream for hackers to have such a tool in their arsenal. What if I can tell you such a tool is not just fantasy but it’s present out there right now. Burp Suite is one such that tool that I have come across in the past few years of my penetration work and I have always wished to have known about it earlier.
Burp Suite seems like a complex tool in the beginning but here let us take it down one by one to properly understand what the tool does and how we can make the most out of the tool.
Burp Suite comes in two different versions, one is the community version ( this is for free ) and the other one is the professional version ( it is paid, but worth every cent ). In the upcoming article, I will try to cover the professional version as that will encompass the community version.
What is Burp Suite?
Well, as the name suggests its a suite of tools bundled together. Burp has many features built right into it, either it is a proxy tool that lets you manage and see every request and response packet that is send and received by your browser or be the feature to carry out a brute force or dictionary attack.
As I mentioned earlier we will learn its function one step at a time. Burp Suite has been divided into various tabs. To make proper use of the tool Burp Suite we need to learn how to utilize all these different features in sync, then we will be able to make the most of it.
Tag: Burp Suite,dictionary attack,community version