SlideShare a Scribd company logo

Introduction to burp suite

U
Utkarsh Bhargava

The document provides an introduction to Burp, a proxy-based web application testing tool, highlighting its importance as a standard for manual web app testing. It discusses various functionalities of Burp, such as traffic interception and modification, and mentions other alternatives like OWASP ZAP and Telerik Fiddler. The presentation covers different Burp tools including Sitemap, Scope, Intercept, HTTP History, Spider, Scanner, Intruder, Repeater, Sequencer, and Decoder.

Software
Related topics:
Information Security
1 of 16
Downloaded 64 times
1
2
3
Most read
4
Most read
5
6
7
8
9
10
11
12
13
14
15
16
● About me :- ● @U7KAR5H null Bhopal Monthly Meet May 2016 ● Utkarsh Bhargava ● Not a Hacker ● Chapter Lead @ null Bhopal
INTRODUCTION TO BURP
MORE THAN JUST A SILLY NAME • Burp is a proxy-based web application testing tool • De-facto standard for manual web app. Testing • Free and paid-for versions available • Other options are available – OWASP ZAP – upcoming Open Source alternative – Telerik Fiddler – Primarily windows based alternative
WHY PROXIES? • Intercept and modify traffic between client and server • Bypass any JavaScript restrictions • Access hidden fields • Modify headers • Modify cookies
BURP TOUR – SITEMAP
BURP TOUR – SCOPE
BURP TOUR INTERCEPT
BURP TOUR – HTTP HISTORY
BURP TOUR - SPIDER
BURP TOUR - SCANNER
BURP TOUR - INTRUDER
BURP TOUR - REPEATER
BURP TOUR - SEQUENCER
BURP TOUR - DECODER
BURP TOUR – OPTIONS
Thats all !!! ● Any Questions ● Thank You

More Related Content

PPTX
Burpsuite 101
n|u - The Open Security Community
 
PPTX
Burp suite
SOURABH DESHMUKH
 
PPTX
Burp Suite Starter
Fadi Abdulwahab
 
PPTX
Dive in burpsuite
Nadim Kadiwala
 
PDF
Burp suite
hamdi_sevben
 
PPT
Pentesting Using Burp Suite
jasonhaddix
 
PPTX
Web Hacking With Burp Suite 101
Zack Meyers
 
PDF
Burp suite
Yashar Shahinzadeh
 
Burpsuite 101
n|u - The Open Security Community
 
Burp suite
SOURABH DESHMUKH
 
Burp Suite Starter
Fadi Abdulwahab
 
Dive in burpsuite
Nadim Kadiwala
 
Burp suite
hamdi_sevben
 
Pentesting Using Burp Suite
jasonhaddix
 
Web Hacking With Burp Suite 101
Zack Meyers
 
Burp suite
Yashar Shahinzadeh
 

What's hot (20)

PPTX
What is an API?
Muhammad Zuhdi
 
PDF
OWASP API Security Top 10 - API World
42Crunch
 
PPT
Postman.ppt
ParrotBAD
 
PPTX
POSTMAN.pptx
RamaKrishna970827
 
PPT
Introduction to Web Application Penetration Testing
Anurag Srivastava
 
PPTX
Burp suite
penetration Tester
 
PPTX
Automation Testing With Appium
Knoldus Inc.
 
PDF
OWASP Top 10 Web Application Vulnerabilities
Software Guru
 
PPTX
Owasp zap
penetration Tester
 
PPTX
An Introduction To REST API
Aniruddh Bhilvare
 
PPTX
The OWASP Zed Attack Proxy
Aditya Gupta
 
PPTX
Pentesting ReST API
Nutan Kumar Panda
 
PDF
Hacking and Defending APIs - Red and Blue make Purple.pdf
Matt Tesauro
 
PDF
SSRF workshop
Ivan Novikov
 
PDF
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Ajin Abraham
 
PPT
Automating security test using Selenium and OWASP ZAP - Practical DevSecOps
Mohammed A. Imran
 
PPTX
Web application vulnerability assessment
Ravikumar Paghdal
 
PDF
Api Testing.pdf
JitendraYadav351971
 
PPTX
REST API
Tofazzal Ahmed
 
PPTX
Deep dive into ssrf
n|u - The Open Security Community
 
What is an API?
Muhammad Zuhdi
 
OWASP API Security Top 10 - API World
42Crunch
 
Postman.ppt
ParrotBAD
 
POSTMAN.pptx
RamaKrishna970827
 
Introduction to Web Application Penetration Testing
Anurag Srivastava
 
Burp suite
penetration Tester
 
Automation Testing With Appium
Knoldus Inc.
 
OWASP Top 10 Web Application Vulnerabilities
Software Guru
 
Owasp zap
penetration Tester
 
An Introduction To REST API
Aniruddh Bhilvare
 
The OWASP Zed Attack Proxy
Aditya Gupta
 
Pentesting ReST API
Nutan Kumar Panda
 
Hacking and Defending APIs - Red and Blue make Purple.pdf
Matt Tesauro
 
SSRF workshop
Ivan Novikov
 
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Ajin Abraham
 
Automating security test using Selenium and OWASP ZAP - Practical DevSecOps
Mohammed A. Imran
 
Web application vulnerability assessment
Ravikumar Paghdal
 
Api Testing.pdf
JitendraYadav351971
 
REST API
Tofazzal Ahmed
 
Deep dive into ssrf
n|u - The Open Security Community
 
Ad

Viewers also liked (20)

PPTX
Static analysis for security
Fadi Abdulwahab
 
PDF
Null 11 june_Malware CNC: Advance Evasion techniques_by Avkash k and dhawal shah
nullowaspmumbai
 
PPTX
OWASP Zed Attack Proxy
Fadi Abdulwahab
 
PPTX
Webinar: Ransomware - Five Reasons You’re Not As Protected As You Think
Storage Switzerland
 
PDF
Using Massively Distributed Malware in APT-Style Attacks
IBM Security
 
PDF
Base64 Encoding
Jonathan Francis Roscoe
 
KEY
Scénarios d'exploitation Metasploit - FR : Scénario 1
Eric Romang
 
ODP
2600 av evasion_deuce
Db Cooper
 
PDF
The old is new, again. CVE-2011-2461 is back!
Luca Carettoni
 
PDF
Attaque metasploite
Majid CHADAD
 
KEY
Scénarios d'exploitation Metasploit - FR : Scénario 3
Eric Romang
 
PPTX
Fuzzing | Null OWASP Mumbai | 2016 June
nullowaspmumbai
 
PDF
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
Ninad Sarang
 
PDF
Null Mumbai 14th May Lesser Known Webapp attacks by Ninad Sarang
nullowaspmumbai
 
PDF
An EyeWitness View into your Network
CTruncer
 
ODP
Introduction to ethereum_public
antitree
 
PPTX
Pen Testing, Red Teaming, and More
CTruncer
 
PDF
Offensive OSINT
Christian Martorella
 
PDF
The Supporting Role of Antivirus Evasion while Persisting
CTruncer
 
PDF
Higher Level Malware
CTruncer
 
Static analysis for security
Fadi Abdulwahab
 
Null 11 june_Malware CNC: Advance Evasion techniques_by Avkash k and dhawal shah
nullowaspmumbai
 
OWASP Zed Attack Proxy
Fadi Abdulwahab
 
Webinar: Ransomware - Five Reasons You’re Not As Protected As You Think
Storage Switzerland
 
Using Massively Distributed Malware in APT-Style Attacks
IBM Security
 
Base64 Encoding
Jonathan Francis Roscoe
 
Scénarios d'exploitation Metasploit - FR : Scénario 1
Eric Romang
 
2600 av evasion_deuce
Db Cooper
 
The old is new, again. CVE-2011-2461 is back!
Luca Carettoni
 
Attaque metasploite
Majid CHADAD
 
Scénarios d'exploitation Metasploit - FR : Scénario 3
Eric Romang
 
Fuzzing | Null OWASP Mumbai | 2016 June
nullowaspmumbai
 
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
Ninad Sarang
 
Null Mumbai 14th May Lesser Known Webapp attacks by Ninad Sarang
nullowaspmumbai
 
An EyeWitness View into your Network
CTruncer
 
Introduction to ethereum_public
antitree
 
Pen Testing, Red Teaming, and More
CTruncer
 
Offensive OSINT
Christian Martorella
 
The Supporting Role of Antivirus Evasion while Persisting
CTruncer
 
Higher Level Malware
CTruncer
 
Ad

Similar to Introduction to burp suite (20)

PPTX
Burp Suite Professional – Paid, with full-featured scanner and advanced tools.
waudit1
 
PDF
BSides Lisbon 2013 - All your sites belong to Burp
Tiago Mendo
 
PPTX
Burp intruder
penetration Tester
 
PDF
What is Burpsuite?
Stealth Security
 
PPTX
Hack like a pro with burp suite by pavanw3b
Pavan M
 
PPTX
Burp Suite With CSRF Demo presentarion.pptx
beboorabi7
 
DOCX
15.3 student guide web application tool time overviewtodays c
UMAR48665
 
DOCX
15.3 Student Guide Web Application Tool TimeOverviewTodays c
MatthewTennant613
 
DOCX
15.3 Student Guide Web Application Tool TimeOverviewTodays c
AnastaciaShadelb
 
PPTX
Burp-Suite-Champion-of-Application-Security (1).pptx
wininlifeacademy5
 
PDF
Thick Client Testing Advanced
NSConclave
 
PDF
The 3 Top Techniques for Web Security Testing Using a Proxy
TEST Huddle
 
PPTX
Burp Zeronights workshop
Igor Bulatenko
 
PDF
Burp documentation
penetration Tester
 
PDF
The Evil Tester's Guide to HTTP proxies Tutorial
Alan Richardson
 
PDF
DevSecCon Singapore 2019: Workshop - Burp extension writing workshop
DevSecCon
 
PPTX
BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...
JosephTesta9
 
PDF
Burp suite pro tips and tricks for hacking
fuds
 
PPTX
ZN-2015
Ivan Elkin
 
PPTX
Burp better - Finding Struts and XXE Vulns with Burp Extensions
Chris Elgee
 
Burp Suite Professional – Paid, with full-featured scanner and advanced tools.
waudit1
 
BSides Lisbon 2013 - All your sites belong to Burp
Tiago Mendo
 
Burp intruder
penetration Tester
 
What is Burpsuite?
Stealth Security
 
Hack like a pro with burp suite by pavanw3b
Pavan M
 
Burp Suite With CSRF Demo presentarion.pptx
beboorabi7
 
15.3 student guide web application tool time overviewtodays c
UMAR48665
 
15.3 Student Guide Web Application Tool TimeOverviewTodays c
MatthewTennant613
 
15.3 Student Guide Web Application Tool TimeOverviewTodays c
AnastaciaShadelb
 
Burp-Suite-Champion-of-Application-Security (1).pptx
wininlifeacademy5
 
Thick Client Testing Advanced
NSConclave
 
The 3 Top Techniques for Web Security Testing Using a Proxy
TEST Huddle
 
Burp Zeronights workshop
Igor Bulatenko
 
Burp documentation
penetration Tester
 
The Evil Tester's Guide to HTTP proxies Tutorial
Alan Richardson
 
DevSecCon Singapore 2019: Workshop - Burp extension writing workshop
DevSecCon
 
BSides Rochester 2018: Justin Moore: Automated HTTP Request Repeating With Bu...
JosephTesta9
 
Burp suite pro tips and tricks for hacking
fuds
 
ZN-2015
Ivan Elkin
 
Burp better - Finding Struts and XXE Vulns with Burp Extensions
Chris Elgee
 

Recently uploaded (20)

PDF
Nekopoi APK 2025 free lastest update
umarali35kp
 
PPTX
ISO 45001 Occupational Health and Safety Management System
EHA Soft Solutions
 
PPTX
L1 - Introduction to python Backend.pptx
MoizAhmed480282
 
PPTX
Lecture 3: Operating Systems Introduction to Computer Hardware Systems
hci7se
 
PPTX
Odoo POS Development Services by CandidRoot Solutions
CandidRoot Solutions Private Limited
 
PDF
Which alternative to Crystal Reports is best for small or large businesses.pdf
Varsha Nayak
 
PPTX
ManageIQ - Sprint 268 Review - Slide Deck
ManageIQ
 
PDF
System and Network Administration Chapter 2
jaramharo
 
PDF
Flood Susceptibility Mapping Using Image-Based 2D-CNN Deep Learnin. Overview ...
lawrenceomai2
 
PDF
How to Choose the Right IT Partner for Your Business in Malaysia
Asian Business Services & Technologies
 
PDF
System and Network Administraation Chapter 3
jaramharo
 
PDF
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
PDF
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
PDF
Why TechBuilder is the Future of Pickup and Delivery App Development (1).pdf
TechBuilder
 
PDF
Upgrade and Innovation Strategies for SAP ERP Customers
Virendra Rai, PMP
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 41
ghrom2211g
 
PDF
medical staffing services at VALiNTRY
Tiyan Grayson
 
PDF
How Creative Agencies Leverage Project Management Software.pdf
Orangescrum
 
PPTX
Online Work Permit System for Fast Permit Processing
SHEQ Network Limited
 
PPTX
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
Nekopoi APK 2025 free lastest update
umarali35kp
 
ISO 45001 Occupational Health and Safety Management System
EHA Soft Solutions
 
L1 - Introduction to python Backend.pptx
MoizAhmed480282
 
Lecture 3: Operating Systems Introduction to Computer Hardware Systems
hci7se
 
Odoo POS Development Services by CandidRoot Solutions
CandidRoot Solutions Private Limited
 
Which alternative to Crystal Reports is best for small or large businesses.pdf
Varsha Nayak
 
ManageIQ - Sprint 268 Review - Slide Deck
ManageIQ
 
System and Network Administration Chapter 2
jaramharo
 
Flood Susceptibility Mapping Using Image-Based 2D-CNN Deep Learnin. Overview ...
lawrenceomai2
 
How to Choose the Right IT Partner for Your Business in Malaysia
Asian Business Services & Technologies
 
System and Network Administraation Chapter 3
jaramharo
 
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
Why TechBuilder is the Future of Pickup and Delivery App Development (1).pdf
TechBuilder
 
Upgrade and Innovation Strategies for SAP ERP Customers
Virendra Rai, PMP
 
Internet Downloader Manager (IDM) Crack 6.42 Build 41
ghrom2211g
 
medical staffing services at VALiNTRY
Tiyan Grayson
 
How Creative Agencies Leverage Project Management Software.pdf
Orangescrum
 
Online Work Permit System for Fast Permit Processing
SHEQ Network Limited
 
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 

Introduction to burp suite