Burp Suite Pro 2021.2 (macOS, Linux) -- 查找、发现和利用漏洞

请访问原文链接:https://sysin.org/article/burp-suite-pro/,查看最新版。原创作品,转载请保留出处。

简介

Burp Suite Professional 是一套用于测试 web 安全性的高级工具集 —- 所有这些都在一个产品中。从一个基本的拦截代理到尖端的 Burp 扫描器,使用 Burp Suite Pro,正确的工具只需点击一下就可以了。

我们强大的自动化让您有更多的机会做您最擅长的,而 Burp Suite 处理容易实现的目标。先进的手动工具将帮助你识别目标更微妙的盲点。

Burp Suite Pro 是由一个研究团队开发的。这意味着在我们发布之前,发现成果已经包含在我们的最新更新中。我们的 pentesting 工具将使您的工作更快,同时让您了解最新的攻击向量。

功能介绍

Manual penetration testing features 手动渗透测试功能

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-eTl61ic1-1615173296175)(https://portswigger.net/burp/pro/features/images/proxy-interception.png)]

  • Intercept everything your browser sees

A powerful proxy/history lets you modify all HTTP(S) communications passing through your browser.

  • Manage recon data

All target data is aggregated and stored in a target site map - with filtering and annotation functions.

  • Expose hidden attack surface

Find hidden target functionality with an advanced automatic discovery function for “invisible” content.

  • Test for clickjacking attacks

Generate and confirm clickjacking attacks for potentially vulnerable web pages, with specialist tooling.

  • Work with WebSockets

WebSockets messages get their own specific history - allowing you to view and modify them.

  • Break HTTPS effectively

Proxy even secure HTTPS traffic. Installing your unique CA certificate removes associated browser security warnings.

  • Manually test for out-of-band vulnerabilities

Make use of a dedicated client to incorporate Burp Suite’s out-of-band (OAST) capabilities during manual testing.

  • Speed up granular workflows

Modify and reissue individual HTTP and WebSocket messages, and analyze the response - within a single window.

  • Quickly assess your target

Determine the size of your target application. Auto-enumeration of static and dynamic URLs, and URL parameters.

  • Assess token strength

Easily test the quality of randomness in data items intended to be unpredictable (e.g. tokens).


Advanced/custom automated attacks 高级/自定义自动攻击

  • Faster brute-forcing and fuzzing

Deploy custom sequences of HTTP requests containing multiple payload sets. Radically reduce time spent on many tasks.

  • Query automated attack results

Capture automated results in customized tables, then filter and annotate to find interesting entries/improve subsequent attacks.

  • Construct CSRF exploits

Easily generate CSRF proof-of-concept attacks. Select any suitable request to generate exploit HTML.

  • Facilitate deeper manual testing

See reflected/stored inputs even when a bug is not confirmed. Facilitates testing for issues like XSS.

  • Scan as you browse

The option to passively scan every request you make, or to perform active scans on specific URLs.

  • Automatically modify HTTP messages

Settings to automatically modify responses. Match and replace rules for both responses and requests.

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-iJPZ9P8P-1615173296177)(https://portswigger.net/burp/pro/features/images/payload.png)]


Automated scanning for vulnerabilities 自动扫描漏洞

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-4a3cBJIS-1615173296178)(https://portswigger.net/burp/pro/features/images/scan-results.png)]

  • Harness pioneering AST technology

High signal: low noise. Scan with pioneering, friction-free, out-of-band-application security testing (OAST).

  • Conquer client-side attack surfaces

Hybrid AST and built-in JavaScript analysis engine help to find holes in client-side attack surfaces.

  • Fuel vulnerability coverage with research

Cutting-edge scan logic from PortSwigger Research combines with coverage of over 100 generic bugs.

  • Fine-tune scan control

Get fine-grained control, with a user-driven scanning methodology. Or, run “point-and-click” scans.

  • Remediate bugs effectively

Custom descriptions and step-by-step remediation advice for every bug, from PortSwigger Research.

  • Configure scan behavior

Customize what you audit, and how. Skip specific checks, fine-tune insertion points, and much more.

  • Navigate difficult applications

Crawl more complex targets. Burp Suite’s crawler identifies locations based on content - not just URL.

  • Effectively apply IAST

Source identification and vulnerability reporting simplified, with optional code instrumentation.

  • Experience browser-driven scanning

Browser-driven scanning is already striding toward better coverage of tricky targets like AJAX-heavy single page apps.


Productivity tools 生产力工具

  • Deep-dive message analysis

Show follow-up, analysis, reference, discovery, and remediation in a feature-rich HTTP editor.

  • Utilize both built-in and custom configurations

Access predefined configurations for common tasks, or save and reuse custom configurations.

  • Multiply project options

Auto-save all working projects to disk, and add configurations to pre-saved projects.

  • Make code more readable

Automatically pretty-print code formats including JSON, JavaScript, CSS, HTML, and XML.

  • Easily remediate scan results

See source, discovery, contents, and remediation, for every bug, with aggregated application data.

  • Simplify scan reporting

Customize with HTML/XML formats. Report all evidence identified, including issue details.

  • Speed up data transformation

Decode or encode data, with multiple built-in operations (e.g. Hex, Octal, Base64).

Burp Suite Pro 2021.2 (macOS, Linux) -- 查找、发现和利用漏洞


Extensions 扩展

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-0XIJpfO5-1615173296180)(https://portswigger.net/burp/pro/features/images/bapp-store.png)]

  • Create custom extensions

Extender API ensures universal adaptability. Code custom extensions to make Burp work for you.

  • Logger++

For in-depth vulnerability detail, ordered and arranged in an easily accessible table, make use of Logger++.

  • Autorize

When testing for authorization vulnerabilities, save time and perform repeat requests with Autorize.

  • Turbo Intruder

Configured in Python, with a custom HTTP stack, Turbo Intruder can unleash thousands of requests per second.

  • J2EE Scan

Expand your Java-specific vulnerability catalogue and hunt the most niche bugs, with J2EEScan.

  • Access the extension library

The BApp Store customizes and extends capabilities. Over 250 extensions, written and tested by Burp users.

  • Upload Scanner

Adapt Burp Scanner’s attacks by uploading and testing multiple file-type payloads, with Upload Scanner.

  • AuthMatrix

Run AuthMatrix with Autorize to define your access-level vulnerability authorization check.

  • Param Miner

Quickly find unkeyed inputs with Param Miner - can guess up to 65,000 parameter names per second.

  • Backslash Powered Scanner

Find research-grade bugs, and bridge human intuition and automation, with Backslash Powered Scanner.

下载地址

百度网盘链接:https://sysin.org/article/burp-suite-pro/

上一篇:Burp爆破时四种不同方式的区别


下一篇:如何在 Ubuntu18.04上 安装并配置 Burp Suite 社区版本