Packt+ | Advance your knowledge in tech

0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Burp Suite Essentials

You're reading from Burp Suite Essentials Discover the secrets of web application pentesting using Burp Suite, the best tool for the job

Product type Paperback

Published in Nov 2014

Publisher Packt

ISBN-13 9781783550111

Length 144 pages

Edition 1st Edition

Tools

Burp Suite

Concepts

Web Programming

Author (1):

Akash Mahajan

View More author details

Table of Contents (13) Chapters

Preface

1. Getting Started with Burp

2. Configuring Browsers to Proxy through Burp FREE CHAPTER

3. Setting the Scope and Dealing with Upstream Proxies

4. SSL and Other Advanced Settings

5. Using Burp Tools As a Power User – Part 1

6. Using Burp Tools As a Power User – Part 2

7. Searching, Extracting, Pattern Matching, and More

8. Using Engagement Tools and Other Utilities

9. Using Burp Extensions and Writing Your Own

10. Saving Securely, Backing Up, and Other Maintenance Activities

11. Resources, References, and Links

Index

Matching

Filtering makes for a powerful analysis tool. But filtering happens after the requests have been sent, the responses received, and we just need to analyze the output. What if we want to make changes on the fly? Ideally, we would like to match certain data, such as requests, responses, parameter values, header values, and more. So, while the HTTP requests and responses are going through and coming back, we can create rules to match the data and perform operations on that data.

Let's look at all the places we can perform matching and related operations:

In the Proxy | Options tab:
- Under Intercept Client Requests
- Under Intercept Server Responses
- Under Match and Replace
In Spider | Options:
- Form Submission
In Scanner | Options:
- Attack Insertion Points
In Intruder | Payloads:
- Payloads Processing

We can set rules for intercepting client requests based on conditions. Basically, a rule has a Boolean operator, a match type, a relationship based on the match type, and the condition. By default...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

Akash Mahajan

Akash Mahajan

Akash Mahajan is an accomplished security professional with over a decade's experience in providing specialist application and infrastructure consulting services at the highest levels to companies, governments, and organizations around the world. He has lots of experience in working with clients to provide innovative security insights that truly reflect the commercial and operational needs of the organization, from strategic advice to testing and analysis to incident response and recovery. He is an active participant in the international security community and a conference speaker both individually, as chapter lead of the Bangalore chapter of OWASP the global organization responsible for defining the standards for web application security and as a co-founder of NULL India's largest open security community. Akash runs Appsecco, a company focused on Application Security. He authored the book Burp Suite Essentials published by Packt Publishing in November 2014, which is listed as a reference by the creators of Burp Suite.

See other products by Akash Mahajan

Personalised recommendations for you

Based on your interests and search pattern

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Mastering Node.js Web Development

Mastering Node.js Web Development

Explore Node.js with practical examples that will teach you how to utilize open-source packages for real-world solutions. Gain the skills to develop and deploy server-side applications that enhance your client-side projects.

Jun 2024 25h 56m

Reactive Patterns with RxJS and Angular Signals

Reactive Patterns with RxJS and Angular Signals

This RxJS book will help you understand the core concepts of RxJS and provide practical patterns to make your code more reactive and declarative. You'll also understand Angular Signals, which provide another way to improve code reactivity.

Jul 2024 8h 28m

API Testing and Development with Postman

API Testing and Development with Postman

Whether you are a tester or a developer working with APIs, you'll be able to put your knowledge to work with this practical guide to using Postman. The book provides a hands-on approach to implementing and learning the associated methodologies that will have you up-and-running and productive in no time.

Jun 2024 11h 56m

API Testing and Development with Postman

API Testing and Development with Postman

Whether you are a tester or a developer working with APIs, you'll be able to put your knowledge to work with this practical guide to using Postman. The book provides a hands-on approach to implementing and learning the associated methodologies that will have you up-and-running and productive in no time.

Jun 2024 11h 56m

FastAPI Cookbook

FastAPI Cookbook

This book helps you unlock the power of FastAPI to build high-performing web apps and APIs by taking you through the basics like routing and data validation through to advanced topics, such as custom middleware and WebSockets.

Aug 2024 11h 56m

Mastering Spring Boot 3.0

Mastering Spring Boot 3.0

This hands-on guide empowers you to develop scalable and efficient applications. You'll also learn microservices patterns, reactive programming, and security measures for building robust backend systems.

Jun 2024 8h 32m

Nuxt 3 Projects

Nuxt 3 Projects

This book is a comprehensive guide to Nuxt.js, which takes you from the basics to advanced topics. Uniquely, this book emphasizes practical, project-based learning, tackling real-world problems.

Jun 2024 7h 40m

Vue.js 3 for Beginners

Vue.js 3 for Beginners

Learning a new language by following video tutorials, blog posts, and documentation is a tiresome activity. This book will take you on an exciting journey of becoming a proficient Vue.js developer through a practical, step-by-step approach.

Sep 2024 10h 4m

Full-Stack Web Development with TypeScript 5

Full-Stack Web Development with TypeScript 5

The book emphasizes best practices, debugging, performance optimization, and scalable code structure, helping you develop practical skills in frontend and backend development, database integration, and AI integration.

Mastering Flask Web and API Development

Mastering Flask Web and API Development

The book is an introduction to Flask that will showcase its baseline, core, and advanced integration features to enable you to solve enterprise-related problems and issues in both web and API development.

Aug 2024 16h 28m