PortSwigger
Projects
Updated 11 Aug 2005
Burp intruder
| Pop | 56.18 |
|---|---|
| Vit | 1.55 |
Burp intruder is a tool that facilitates automated attacks against Web-enabled applications. It is highly configurable and can test for common Web application vulnerabilities such as SQL injection, cross-site scripting, buffer overflows, and directory traversal as well as performing brute force attacks against authentication schemes, enumeration, parameter manipulation, trawling for hidden content and functionality, session token sequencing and session hijacking, data mining, concurrency attacks, and application-layer denial-of-service attacks.
Updated 22 Dec 2007
Burp proxy
| Pop | 131.15 |
|---|---|
| Vit | 4.04 |
Burp proxy is an interactive HTTP/S proxy server for attacking Web-enabled applications. It operates as a man-in-the-middle between the end browser and the target Web server, and allows the attacker to intercept, inspect, and modify the raw traffic passing in both directions. Text and hex editing may be performed on intercepted traffic. Downstream proxies are supported. Authentication may be done to downstream proxy and Web servers, using basic, NTLM, or digest authentication types.
Updated 11 Aug 2005
Burp spider
| Pop | 56.68 |
|---|---|
| Vit | 1.91 |
Burp spider is a tool for enumerating Web-enabled applications. It uses various intelligent techniques to generate a comprehensive inventory of an application's content and functionality. Key features include parsers for HTML and JavaScript, presentation of findings in tree and table formats, handling of HTML forms with automatic or user-guided form submission, authentication to protected areas of the application using supplied credentials, cookie processing, detection of custom "not found" responses, fine-grained scope control, SSL support, identification of dynamic "application" pages which use data parameters or are session-dependent, and IDS evasion techniques.
Updated 18 Dec 2007
Burp suite
| Pop | 67.87 |
|---|---|
| Vit | 1.77 |
Burp suite allows an attacker to combine manual and automated techniques to enumerate, analyse, attack, and exploit Web applications. The various burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another. Numerous interfaces are implemented between the different tools, designed to facilitate and speed up the process of attacking a Web application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting, and extensibility. Burp suite is extensible via the IBurpExtender interface.
