How to do it...

  1. Navigate to the Login page in Mutillidae. Log into the application as username ed with password pentest.
  2. Immediately log out of the application by clicking the Logout button and make sure the application confirms you are logged out.
  3. Switch to the Burp Proxy HTTP history tab. Look for the logout request you just made along with the subsequent, unauthenticated GET request. Select the unauthenticated request, which is the second GET. Right-click and send that request to Repeater, as follows:

  1. Switch to Burp Repeater, then click the Go button. On the Render tab of the response, ensure you receive the Not Logged In message. We ...

Get Burp Suite Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.