Projects / Burp spider

Burp spider

Burp spider is a tool for enumerating Web-enabled applications. It uses various intelligent techniques to generate a comprehensive inventory of an application's content and functionality. Key features include parsers for HTML and JavaScript, presentation of findings in tree and table formats, handling of HTML forms with automatic or user-guided form submission, authentication to protected areas of the application using supplied credentials, cookie processing, detection of custom "not found" responses, fine-grained scope control, SSL support, identification of dynamic "application" pages which use data parameters or are session-dependent, and IDS evasion techniques.

Tags
Operating Systems
Implementation

RSS Recent releases

  •  11 Aug 2005 11:46

Release Notes: This release can "passively" spider Web applications, with all requests originating from the user's browser. A regex-based search and highlight function was added to all text panes. Server HTML responses are now rendered as Web pages. This release is fully integrated with the other burp suite tools. The scope for a spidering session can be specified using both URL regex and IP ranges. Preferences are optionally persistent across program launches.

  •  06 May 2004 08:50

Release Notes: Substantial performance improvements have been made, increasing speed and reducing CPU utilization. Advanced communications options were added, including proxy server support, authentication using basic, NTLM, and digest types, and configurable timeout values.

  •  23 Mar 2004 14:05

No changes have been submitted for this release.

Screenshot

Project Spotlight

General Configuration Form Manager

A minimalist Web server for configuration forms.

Screenshot

Project Spotlight

Unflattener

A tool that makes normal maps for 2D art.