Basically, for Black Box or Gray Box Pentester's often need to define their scope while testing for a web application. Web application URL's IP addresses Admin or Non-admin Database type that's being used by the application (ORACLE, MySQL, etc.) Now, lets see the differences between Burp Suite Free and Professional. In Burp Suite Free: Most of the Burp Suite's Pro functionality is enabled in. Contribute to jas502n/BurpSuiteProv1.7.37 development by creating an account on GitHub.
- Target - This tool contains detailed information about your target applications, and lets you drive the process of testing for vulnerabilities.
- Proxy - This is an intercepting web proxy that operates as a man-in-the-middle between the end browser and the target web application. It lets you intercept, inspect and modify the raw traffic passing in both directions.
- Scanner - This is an advanced web vulnerability scanner, which can automatically crawl content and audit for numerous types of vulnerabilities.
- Intruder - This is a powerful tool for carrying out automated customized attacks against web applications. It is highly configurable and can be used to perform a wide range of tasks to make your testing faster and more effective.
- Repeater - This is a tool for manually manipulating and reissuing individual HTTP requests, and analyzing the application's responses.
- Sequencer - This is a sophisticated tool for analyzing the quality of randomness in an application's session tokens or other important data items that are intended to be unpredictable.
- Decoder - This is a useful tool for performing manual or intelligent decoding and encoding of application data.
- Comparer - This is a handy utility for performing a visual 'diff' between any two items of data, such as pairs of similar HTTP messages.
- Extender - This lets you load Burp extensions, to extend Burp's functionality using your own or third-party code.
- Clickbandit - This is a tool for generating Clickjacking attacks.
- Collaborator client - This is a tool for making use of Burp Collaborator during manual testing.
- Mobile Assistant - This is a tool to facilitate testing of mobile apps with Burp Suite.
- Logger - This is a tool for recording and analyzing HTTP traffic that Burp Suite generates.