Hack like a pro with burp suite by pavanw3b
Download as PPTX, PDF0 likes914 views
This document provides an overview of Burp Suite and how to use it like a pro for web application security testing. It discusses how to configure Burp Suite for optimal performance, how to focus testing on the target scope, and how to use various Burp Suite tools like the proxy, intruder, spider, sequencer, decoder, comparator, and extender to test for vulnerabilities. It emphasizes playing around with the tools, starting with passive scanning before moving to more active techniques, and provides some tips on maintenance and customization.
Hack like a pro with burp suite by pavanw3b
- 1. Hack Like a Pro with Burp Suite /pavanw3b
- 2. What do you learn? I’m a boring geek Burp Suite is your best friend Some really cool tweaks
- 3. ~$ whoami pavanw3b Yet another w3bAppSec guy break-fix-repeat Security Engineer @ ServiceNow
- 4. Who’s an expert here?
- 5. More than an interception proxy Burp Suite
- 6. Start like a Pro $ java –jar –Xmx4G /path/burpsuite.jar • Let burp use up to 4GB • Default can be as low as 128MB • But not more than 4GB
- 7. Better Proxy-ing Global Just Firefox Moody - FoxyProxy
- 8. Focus on Target It’s your Desktop Set better Scope Compare Site maps Drop out-of- scope Options > Connections
- 9. Better Filter Target See In-scope items Hide not-found Demo
- 10. Playing around Proxy Play around Message Analytics Can also contain XML, AMF & View State Intercept Request Intercept Response HTTP history: Params & Filter Unhide hidden form fields
- 11. Exploiting with Intruder Send lots of data & make sense of response Username Enumeration, Directory Fuzzing – XSS, SQLi, Path traversal Add payload: FuzzDB, WebAppURLs, OWASP DirBuster Demo: Save & Load attack Config
- 12. Stay calm & use Scanner Passive Scanning Active Scanning Use wise! Crawl -> Scan Demo Don’t make too fast Be in-scope
- 13. Never miss anything - Repeater Scratchpad Demo Change the way you want it Try OPTIONS
- 14. The good Spider Create lots of Pollution Form Submissions Do after manual Crawl Demo Some are only on Prod: robots.txt Careful - Delete all users Control threads
- 15. All about tokens - Sequencer Test how random it is.. Session, CSRF, Password reset etc Min 100 tokens required
- 16. Find the secret - Decode No Key - No Security Encode != Security Demo Send to Decoder
- 17. Confused? Use Comparer Compare responses Blind SQLi Compare by Words ByteByte: Computationally costly Demo: Compare 2 responses
- 18. Engagement Tools Search Find in Comments, Scripts, Ref Analyze Target Discover Content
- 19. Wanna add? Extender Jython, JRuby etc BApp Store java.lang.OutOfMemoryError? java -XX:MaxPermSize=1G -jar burpsuite.jar
- 20. Maintenance Save State Save in-scope only Restore State Don’t restore from untrusted sources Auto backup Schedule Task: Save State - Creates only 1file
- 21. Some more if you need Right click & you got all Shortcuts: Options > Misc > Hotkeys
- 22. References & Reads Burp Suite Essentials by Akash Mahajan 10 Unbeatable Features of Burp Suite Pro Official Documentation Pen Testing with Burp Suite Real life tips & tricks
Editor's Notes
- #10: ----- Meeting Notes (9/11/15 20:02) ----- Image blur