Burp suite - 一款Web渗透测试的集成套件
2011-12-27 23:17
316 查看
Burp suite 是由portswigger开 发的一套用于Web渗透测试的集成套件,它包含了spider,scanner(付费版本),intruder,repeater,sequencer,decoder,comparer等模块,每个模块都有其独特的用途,给专业和非专业的 Web渗透测试人员的测试工作带来了极大的便利
下载地址:
http://portswigger.net/burp/download.html
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.
Burp gives you full control, letting you combine advanced manual techniques with state-of-the-art automation, to make your work faster, more effective, and more fun.
Burp Suite contains the following key components:
An intercepting proxy, which lets you inspect and modify traffic between your browser and the target application.
An application-aware spider, for crawling content and functionality.
An advanced web application scanner, for automating the detection of numerous types of vulnerability.
An intruder tool, for performing powerful customized attacks to find and exploit unusual vulnerabilities.
A repeater tool, for manipulating and resending individual requests.
A sequencer tool, for testing the randomness of session tokens.
The ability to save your work and resume working later.
Extensibility, allowing you to easily write your own plugins, to perform complex and highly customized tasks within Burp.
Burp is easy to use and intuitive, allowing new users to begin working right away. Burp is also highly configurable, and contains numerous powerful features to assist the most experienced testers with their work.
下载地址:
http://portswigger.net/burp/download.html
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.
Burp gives you full control, letting you combine advanced manual techniques with state-of-the-art automation, to make your work faster, more effective, and more fun.
Burp Suite contains the following key components:
An intercepting proxy, which lets you inspect and modify traffic between your browser and the target application.
An application-aware spider, for crawling content and functionality.
An advanced web application scanner, for automating the detection of numerous types of vulnerability.
An intruder tool, for performing powerful customized attacks to find and exploit unusual vulnerabilities.
A repeater tool, for manipulating and resending individual requests.
A sequencer tool, for testing the randomness of session tokens.
The ability to save your work and resume working later.
Extensibility, allowing you to easily write your own plugins, to perform complex and highly customized tasks within Burp.
Burp is easy to use and intuitive, allowing new users to begin working right away. Burp is also highly configurable, and contains numerous powerful features to assist the most experienced testers with their work.
相关文章推荐
- web渗透测试套件-WebSploit 1.8
- web渗透测试套件 - WebSploit
- WEB渗透测试之漏扫神器
- Kali Linux Web 渗透测试视频教程— 第十六课-拒绝服务攻击
- 【转】WEB安全之渗透测试流程
- web渗透测试的思路
- Kali Linux web渗透测试 学习笔记 1 系统安装
- 渗透测试集成环境Faraday
- WEB下渗透测试经验技巧(全)
- 小白日记32:kali渗透测试之Web渗透-扫描工具-QWASP_ZAP
- Kali Linux Web 渗透测试秘籍 第六章 利用 -- 低悬的果实
- Kali Linux Web 渗透测试视频教程—第十课 w3af
- 【Java.JUnit】Spring Test, JUnit, Mockito, Hamcrest 集成 Web 测试
- KALI LINUX WEB 渗透测试视频教程—第16课 BEEF基本使用
- Kali Linux Web 渗透测试视频教程— 第八课 nessus
- Shiro基础知识06----与Web集成(使用ini测试,使用数据库)
- Maven实战(五)自动化Web应用集成测试
- Web渗透测试入门教程