Discover the secrets of web application pentesting using Burp Suite, the best tool for the job
This book aims to impart the skills of a professional Burp user to empower you to successfully perform various kinds of tests on any web application of your choice. It begins by acquainting you with Burp Suite on various operating systems and showing you how to customize the settings for maximum performance. You will then get to grips with SSH port forwarding and SOCKS-based proxies. You will also get hands-on experience in leveraging the features of Burp tools such as Target, Proxy, Intruder, Scanner, Repeater, Spider, Sequencer, Decoder, and more. You will then move on to searching, extracting, and matching patterns for requests and responses, and you will learn how to work with upstream proxies and SSL certificates. Next, you will dive into the world of Burp Extensions and also learn how to write simple extensions of your own in Java, Python, and Ruby.
As a professional tester, you will need to be able to report your work, safeguard it, and sometimes even extend the tools that you are using; you will learn how to do all this in the concluding chapters of this book.
What You Will Learn