Hack Like a Pro with Burp Suite by pavanw3b


Burp Suite
- Overview
- Basic Usage Guide
- Some cool tweaks

Slide 1: Hack Like a Pro with Burp Suite / pavanw3b

Slide 2: What do you learn?
- I'm a boring geek
- Burp Suite is your best friend
- Some really cool tweaks

Slide 3: ~$ whoami
- pavanw3b
- Yet another w3bAppSec guy: break, fix, repeat
- Security Engineer @ ServiceNow

Slide 4: Who's an expert here?

Slide 5: Burp Suite is more than an interception proxy

Slide 6: Start like a Pro
- `$ java -Xmx4G -jar /path/burpsuite.jar` (the `-Xmx` option must come before `-jar`; anything after the jar path is passed to Burp as an argument, not to the JVM)
- Lets Burp use up to 4GB of heap
- The default can be as low as 128MB
- But not more than 4GB

Slide 7: Better proxying
- Global proxy settings
- Just Firefox
- Moody: FoxyProxy

Slide 8: Focus on the target
- It's your desktop
- Set a better scope
- Compare site maps
- Drop out-of-scope requests: Options > Connections

Slide 9: Better filter on Target
- See in-scope items only
- Hide not-found items
- Demo

Slide 10: Playing around with Proxy
- Message analysis: messages can also contain XML, AMF and ViewState
- Intercept requests and intercept responses
- HTTP history: parameters and filters
- Unhide hidden form fields

Slide 11: Exploiting with Intruder
- Send lots of data and make sense of the responses
- Username enumeration, directory fuzzing; XSS, SQLi, path traversal
- Add payloads: FuzzDB, WebAppURLs, OWASP DirBuster
- Demo: save and load the attack configuration

Slide 12: Stay calm and use Scanner
- Passive scanning and active scanning
- Use wisely! Crawl, then scan
- Demo
- Don't go too fast; stay in scope

Slide 13: Never miss anything - Repeater
- Scratchpad
- Demo: change the request the way you want it; try OPTIONS

Slide 14: The good Spider
- Creates lots of pollution: form submissions
- Run it after a manual crawl
- Demo
- Some things are only on prod: robots.txt
- Careful: it can follow destructive links such as "Delete all users"
- Control the number of threads

Slide 15: All about tokens - Sequencer
- Test how random a token is: session, CSRF, password reset, etc.
- A minimum of 100 tokens is required
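As an added illustration of what Sequencer measures (this is constructed example code, not Burp's own Sequencer implementation or anything from the deck), the script below takes a sample of fixed-length tokens, enforces the 100-token minimum from the slide, and reports the Shannon entropy per character position. A counter-based session token and a CSPRNG-generated one are constructed inline so the difference is visible: the counter token has almost all positions fixed, the random one has close to 4 bits per hex character. The 3-bit threshold in `is_weak` is an assumption chosen for this demo, not a Burp setting.

```python
"""Sequencer-style randomness check for a sample of tokens (constructed example)."""
import math
import secrets
from collections import Counter

MIN_SAMPLES = 100  # Sequencer will not analyse fewer tokens than this


def shannon_entropy(symbols):
    """Shannon entropy, in bits, of a sequence of symbols."""
    counts = Counter(symbols)
    total = len(symbols)
    return -sum((c / total) * math.log2(c / total) for c in counts.values())


def analyse_tokens(tokens):
    """Return (entropy per character position, mean entropy over positions).

    Like Sequencer's character-level analysis this expects tokens of one
    fixed length and refuses to draw conclusions from a small sample.
    """
    if len(tokens) < MIN_SAMPLES:
        raise ValueError(f"need at least {MIN_SAMPLES} tokens, got {len(tokens)}")
    length = len(tokens[0])
    if any(len(t) != length for t in tokens):
        raise ValueError("all tokens must have the same length")
    per_position = [shannon_entropy([t[i] for t in tokens]) for i in range(length)]
    return per_position, sum(per_position) / length


def is_weak(tokens, min_mean_bits=3.0):
    """Flag a token set whose mean per-position entropy is below the threshold.

    The 3-bit default is an assumption for this demo; pick it from the
    alphabet actually used (a uniform hex digit carries 4 bits).
    """
    _, mean_bits = analyse_tokens(tokens)
    return mean_bits < min_mean_bits


# Constructed sample sets: a counter-based token and a CSPRNG token,
# 200 of each, all 16 characters long.
WEAK_TOKENS = [f"sess{n:012d}" for n in range(100000, 100200)]
STRONG_TOKENS = [secrets.token_hex(8) for _ in range(200)]

if __name__ == "__main__":
    for name, toks in (("counter", WEAK_TOKENS), ("csprng", STRONG_TOKENS)):
        per_pos, mean_bits = analyse_tokens(toks)
        verdict = "WEAK" if is_weak(toks) else "ok"
        print(f"{name}: mean {mean_bits:.2f} bits/char, per position "
              f"{[round(b, 2) for b in per_pos]} -> {verdict}")
```

Per-position entropy is only one of Sequencer's tests, but it is the one that catches the most common failure: tokens that look opaque but are really a timestamp or counter with a constant prefix. Capturing the 100+ samples from a live application should be done with the spider and scanner paused so the sample is not polluted by other traffic.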
Slide 16: Find the secret - Decoder
- No key, no security
- Encode != security
- Demo: send to Decoder
Slide 17: Confused? Use Comparer
- Compare responses, e.g. for blind SQLi
- Compare by words; byte-by-byte comparison is computationally costly
- Demo: compare 2 responses
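An added example of why the slide recommends comparing by words (constructed for this page; not Burp's Comparer code). Two constructed HTML responses that differ only in a result count and a list are diffed with `difflib`, once over bytes and once over whitespace-split words. The word diff works on a sequence an order of magnitude shorter and reports the change as two readable regions, the first of which is just `3` versus `0`, which is the kind of small, stable difference you look for when telling two responses apart.

```python
"""Comparer slide: word-level vs byte-level diff of two responses (constructed example)."""
import difflib
import re

# Constructed responses: the same page with a different result count and list.
RESPONSE_A = """HTTP/1.1 200 OK
Content-Type: text/html

<html><body><h1>Search results</h1><p>Found 3 items for query 'lamp'.</p>
<ul><li>Desk lamp</li><li>Floor lamp</li><li>Lava lamp</li></ul></body></html>"""

RESPONSE_B = """HTTP/1.1 200 OK
Content-Type: text/html

<html><body><h1>Search results</h1><p>Found 0 items for query 'lamp'.</p>
<ul></ul></body></html>"""


def tokenize_words(text):
    """Split into alternating word and whitespace tokens so joining them restores the text."""
    return re.findall(r"\S+|\s+", text)


def compare(a, b, by="words"):
    """Compare two responses by words (Comparer's 'Words' mode) or by bytes.

    Returns the element count of each sequence, the differing regions as
    (old, new) text pairs, and difflib's similarity ratio.
    """
    if by == "words":
        a_seq, b_seq = tokenize_words(a), tokenize_words(b)
        join = "".join
    elif by == "bytes":
        a_seq, b_seq = list(a.encode()), list(b.encode())
        join = lambda seq: bytes(seq).decode(errors="replace")
    else:
        raise ValueError("by must be 'words' or 'bytes'")
    # autojunk=False: do not let difflib discard frequent tokens such as spaces
    sm = difflib.SequenceMatcher(a=a_seq, b=b_seq, autojunk=False)
    regions = [(join(a_seq[i1:i2]), join(b_seq[j1:j2]))
               for tag, i1, i2, j1, j2 in sm.get_opcodes() if tag != "equal"]
    return {"elements": (len(a_seq), len(b_seq)), "regions": regions, "ratio": sm.ratio()}


if __name__ == "__main__":
    for mode in ("bytes", "words"):
        result = compare(RESPONSE_A, RESPONSE_B, by=mode)
        print(f"{mode}: {result['elements']} elements, {len(result['regions'])} "
              f"differing regions, ratio {result['ratio']:.2f}")
        for old, new in result["regions"]:
            print(f"  - {old!r} -> {new!r}")
```

difflib's matcher is quadratic in the sequence length in the worst case, so the element counts printed above are a fair proxy for the cost Burp is warning about; byte mode is still the right choice when the difference is inside a single token, such as one character of a session ID.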
Slide 18: Engagement Tools
- Search: find in comments, scripts, references
- Analyze target
- Discover content

Slide 19: Wanna add? Extender
- Jython, JRuby, etc.
- BApp Store
- `java.lang.OutOfMemoryError`? `java -XX:MaxPermSize=1G -jar burpsuite.jar`

Slide 20: Maintenance
- Save state: save in-scope items only
- Restore state: don't restore from untrusted sources
- Auto backup: schedule a task to Save State; it creates only one file

Slide 21: Some more if you need
- Right click and you've got it all
- Shortcuts: Options > Misc > Hotkeys

Slide 22: References & Reads
- Burp Suite Essentials by Akash Mahajan
- 10 Unbeatable Features of Burp Suite Pro
- Official documentation
- Pen Testing with Burp Suite: real-life tips & tricks

Slide 23: Am I really boring? Pavan, fb/pavanw3b | @pavanw3b