Burp Suite Cookbook by Sunny Wear

How to do it...

  1. Switch to Burp BApp Store and install the Java Serial Killer plugin.

To create a scenario that uses a serialized object, we will take a standard request and add a serialized object to it. This demonstrates how you can use the extension to add attacker-controlled commands to serialized objects.

  2. Note the new tab added to your Burp UI menu at the top, dedicated to the newly installed plugin.
  3. Navigate to the Mutillidae homepage.
  4. Switch to the Burp Proxy | HTTP history tab and look for the request you just created by browsing to the Mutillidae homepage.

Unfortunately, there aren't any serialized objects ...
