By default, Burp will be set to 'intercept' our traffic. In task three, Gettin' Certified, we configured our web traffic to route through our instance of Burp Suite. Throughout this task, we'll explore the major components of the Burp proxy including interception, request history, and the various configuration options we have access to.īasic diagram of how communications are relayed through a proxy - Wikipedia - Proxy Servers Using a proxy, however, for web application testing allows us to view and modify traffic inline at a granular level. This can be done for a variety of reasons ranging from educational filtering (common in schools where restricted content must be blocked) to accessing content that may be otherwise unavailable due to region locking or a ban. Generally speaking, proxy servers by definition allow us to relay our traffic through an alternative route to the internet. #1 Which tool in Burp Suite can we use to perform a 'diff' on responses and other pieces of data? This feature, while not in the community edition of Burp Suite, is still a key facet of performing a web application test. Scanner - Automated web vulnerability scanner that can highlight areas of the application for further manual investigation or possible exploitation with another section of Burp.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |