Thomas Wilhelm, in Professional Penetration Testing (Second Edition), 2013 Automated Tools Our goal with the Burp intercepting proxy feature is to tweak requests so they still follow the rules of HTTP, but can make the application act unexpectedly. Essentially this tool is acting as a proxy, a “man in the middle,” between you and the web application, allowing you to have finer control over the exact traffic you are sending and receiving.
In Burp Suite you can then tweak the raw HTTP in various ways before forwarding the request on to the web server. With Burp Suite, however, HTTP requests go from your browser straight to Burp Suite, which intercepts the traffic. Normally HTTP requests go from your browser straight to a web server and then the web server response is sent back to your browser. One of Burp Suite’s main features is its ability to intercept HTTP requests. Henry Dalziel, in How to Hack and Defend your Website in Three Hours, 2015 1.15 Using the Burp Suite intercepting proxyīurp Suite is a fully featured web application attack tool: it does almost anything that you could ever want to do when penetration testing a web application.
0 kommentar(er)
