Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Need clarification on the Burp Suite Pro

Basavaraja | Last updated: Jan 20, 2020 05:55AM UTC

Hi, We have one of the clients requesting for document sign off, Can you please clarify the attached for Burp Suite Pro? Is there any partners who can deliver the training on this tool, can you please connect to us. Questioner:- S/No. Features/Specifications Compliance / Remark 1.0 Burp suite should function as an integrated platform for performing security testing of web applications. Its various tools should work seamlessly together to support the entire testing process from initial mapping and analysis of an applications attack surface, through to finding and exploiting security vulnerabilities. The application should provide following specific features: - a Automated crawl and scan Yes b Advanced scanning for manual testers. Yes c Cutting –edge scanning logic. Yes d Clear and detailed presentation of vulnerabilities. Yes e Intercept browser traffic using man –in -the-middle proxy. Not sure/Need input from Burp suite f Automated custom attacks using Burp Intruder. Yes g Advanced manual testing tools Yes h Overcome connection challenges. Yes i Extensibility Yes j Intercepting Proxy, which lets inspect and modify traffic between the browser and the target application. Not sure/Need input from Burp suite k Application-aware spider for crawling content and functionality. Not sure/Need input from Burp suite l An Advanced web application Scanner, for automating the detection of numerous type of vulnerabilities. : Yes m A Repeater tool, for manipulating and resending individual requests. Not sure/Need input from Burp suite n A Sequencer tool, for testing the randomness of Session tokens. Yes o The ability to save your work and resume working later.: Not sure/Need input from Burp suite p Extensibility allowing to easily write own plugins, to perform complex and highly customized tasks within Burp.: Not sure/Need input from Burp suite Regards, Basu 9886629446

Ben, PortSwigger Agent | Last updated: Jan 20, 2020 10:01AM UTC

Hi Basu, Please find the answers to your queries below: j Intercepting Proxy, which lets inspect and modify traffic between the browser and the target application. Yes k Application-aware spider for crawling content and functionality. Yes (we call this the Burp Crawler in version 2 and above) m A Repeater tool, for manipulating and resending individual requests. Yes o The ability to save your work and resume working later.: Yes (you can set up different Burp Project files, with different settings, to perform different testing tasks) p Extensibility allowing to easily write own plugins, to perform complex and highly customized tasks within Burp.: Yes (we have an extension API that allows users to write extensions to the main software. These can be simply used "in-house" or can be made available to other users via our BApp Store) Details of our recommended training partners can be found on the following page: https://portswigger.net/training Please let us know if you require any further information.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.