Sep
26
PortSwigger.net - Burp Suite
Burp Suite allows you to combine manual and automated techniques to enumerate, analyse, scan, attack and exploit web applications…
Key features unique to Burp Suite include:
- Detailed analysis and rendering of requests and responses.
- One-click transfer of interesting requests between tools.
- Ability to “passively” spider an application in a non-intrusive manner, with all requests originating from the user’s browser.
- FIPS-compliant statistical analysis of session token randomness.
- Utilities for decoding and comparing application data.
- Support for custom client and server SSL certificates.
- Extensibility via the IBurpExtender interface.
- Centrally configured settings for downstream proxies, web and proxy authentication, and logging.
- Tools can run in a single tabbed window, or be detached in individual windows.
- Runs in both Linux and Windows.
New features in version 1.2 include:
- Site map showing information accumulated about target applications in tree and table form.
- Fully fledged web vulnerability scanner. [Pro version only]
- Suite-level target scope configuration, driving numerous individual tool actions.
- Display filters on site map and Proxy request history.
- Ability to save and restore state. [Pro version only]
- Suite-wide search function.
- Support for invisible proxying.
