Screencast: Burp Suite tutorial highlights Burp Proxy, other key tools

Screencast: Burp Suite tutorial highlights Burp Proxy, other key tools

Date: Apr 23, 2012

When penetration testers finish testing Web applications, they are often asked questions like, "How did you find that vulnerability? How can I find it? What can I do to detect these vulnerabilities?" This is where the powerful pen testing tool Burp Suite proves useful.

In this screencast, penetration tester Mike McLaughlin offers a brief Burp Suite tutorial that highlights the key features available in both the free and paid versions of the tool. He points to Burp Proxy , which works in a similar fashion to a man-in-middle-attack, as the most powerful feature. Burp Proxy allows for easier manipulation of the data flowing between the browser and the target application to highlight vulnerabilities in the application. Another particularly useful feature is Burp Spider, which automates the normally tedious task of mapping a Web application. With Burp Proxy, Burp Spider, and the other features of Burp Suite, pen testers can now confidently answer all of the questions that come after testing a Web application.

About the presenter:
Mike McLaughlin is a penetration tester working for First Base Technologies, an information security consultancy in the UK. Mike's daily work consists of both internal and external network based penetration testing, Web application penetration testing, and social engineering.

More on Open Source Security Tools and Applications

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: