Burp Suite
文章目录
- Burp Suite
-
- Burp Suite: The Basics
-
- Task1 **Introduction** Outline
- Task2 **Getting Started** What is Burp Suite?
- Task3 **Getting Started** Features of Burp Community
- Task4 **Getting Started** Installation
- Task5 **Getting Started** The Dashboard
- Task6 **Getting Started** Navigation
- Task7 **Getting Started** Options
- Task8 **Proxy** Introduction to the Burp Proxy
- Task9 **Proxy** Connecting through the Proxy (FoxyProxy)
- Task10 **Proxy** Proxying HTTPS
- Task11 **Proxy** The Burp Suite Browser
- Task12 **Proxy** Scoping and Targeting
- Task13 **Proxy** Site Map and Issue Definitions
- Task14 **Practical** Example Attack
- Task15 **Conclusion** Room Conclusion
- Burp Suite: Repeater
Burp Suite: The Basics
Task1 Introduction Outline
Deploy the machine attached to the task by pressing the green “Start Machine” button, as well as the AttackBox (using the “Start AttackBox” button at the top of the page) if you are not using your own machine.
Task2 Getting Started What is Burp Suite?
1.Which edition of Burp Suite will we be using in this module?
Burp Suite Community
2.Which edition of Burp Suite runs on a server and provides constant scanning for target web apps?
Burp Suite Enterprise
3.Burp Suite is frequently used when attacking web applications and ______ applications.
mobile
Task3 Getting Started Features of Burp Community
1.Which Burp Suite feature allows us to intercept requests between ourselves and the target?
proxy
2.Which Burp tool would we use if we wanted to bruteforce a login form?
Intruder
Task4 Getting Started Installation
If you have chosen not to use the AttackBox, make sure that you have a copy of Burp Suite installed before proceeding
Task5 Getting Started The Dashboard
Open Burp Suite and have a look around the dashboard. Make sure that you are comfortable with it before moving on
Task6 Getting Started Navigation
Get comfortable navigating around the top menu bars.
Task7 Getting Started Options
1.Change the Burp Suite theme to dark mode
2.In which Project options sub-tab can you find reference to a “Cookie jar”?
sessions
3.In which User options sub-tab can you change the Burp Suite update behaviour?
Misc
4.What is the name of the section within the User options “Misc” sub-tab which allows you to change the Burp Suite keybindings?
Hotkeys
5.If we have uploaded Client-Side TLS certificates in the User options tab, can we override these on a per-project basis (Aye/Nay)?
Aye
6.There are many more configuration options available. Take the time to read through them.
In the next section, we will cover the Burp Proxy – a much more hands-on aspect of the room.
Task8 Proxy Introduction to the Burp Proxy
1.Which button would we choose to send an intercepted request to the target in Burp Proxy?
Forward
2.[Research] What is the default keybind for this?
Note: Assume you are using Windows or Linux (i.e. swap Cmd for Ctrl).
Ctrl+F
最低0.47元/天 解锁文章
扫一扫
760
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
