Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Burp Suite Essentials

You're reading from   Burp Suite Essentials Discover the secrets of web application pentesting using Burp Suite, the best tool for the job

Arrow left icon
Product type Paperback
Published in Nov 2014
Publisher Packt
ISBN-13 9781783550111
Length 144 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Akash Mahajan Akash Mahajan
Author Profile Icon Akash Mahajan
Akash Mahajan
Arrow right icon
View More author details
Toc

Table of Contents (13) Chapters Close

Preface 1. Getting Started with Burp 2. Configuring Browsers to Proxy through Burp FREE CHAPTER 3. Setting the Scope and Dealing with Upstream Proxies 4. SSL and Other Advanced Settings 5. Using Burp Tools As a Power User – Part 1 6. Using Burp Tools As a Power User – Part 2 7. Searching, Extracting, Pattern Matching, and More 8. Using Engagement Tools and Other Utilities 9. Using Burp Extensions and Writing Your Own 10. Saving Securely, Backing Up, and Other Maintenance Activities 11. Resources, References, and Links Index

Specifying memory size for Burp

If we start Burp Suite by double-clicking on the .jar file, the Java runtime will allocate the maximum memory available to Burp on its own. The total amount allocated might vary based on the available system RAM. Since Burp Suite will capture hundreds and sometimes thousands of requests and responses of various sizes, it makes sense to allocate memory when we start the program.

There is the possibility that Burp Suite might crash if the total memory available is not enough. While doing a security assessment, we don't want to worry about disruption in our work or the feeling that we may lose valuable data about the assessment due to Burp Suite crashing. Therefore, it is prudent to specify how much system RAM is allocated to Burp Suite in the beginning itself.

Specifying the maximum memory Burp is allowed to use

We can use command-line flags provided by Java to ensure that Burp has enough, and more, memory to use while running our security assessment:

java -jar -Xmx2048M /path/to/burpsuite.jar
java -jar -Xmx2G /path/to/burpsuite.jar

Both these commands will allocate 2 GB of RAM to Burp Suite. We can also pass options for gigabytes, megabytes, or kilobytes. You can read up more about this at the Oracle page at http://docs.oracle.com/cd/E13150_01/jrockit_jvm/jrockit/jrdocs/refman/optionX.html#wp999528.

This should be enough for most web applications that need to be tested. If you have more system RAM to spare, you can even increase it further. There is a small caveat you should know. If you increase the memory allocated to Burp Suite beyond 4 GB, the Java Virtual Machine (JVM) garbage collector (GC) will need to do more work. This has been known to adversely affect the performance of Java-based applications. Keeping that in mind, there are clear performance gains that can be achieved by increasing the minimum heap size from the default, which can be as low as 128 MB on older machines.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime