Java集成攻擊平臺 Burp Suite
Burp Suite是一個Web應用程序集成攻擊平臺,它包含了一系列burp工具,這些工具之間有大量接口可以互相通信,這樣設計的目的是為了促進和提高整個攻 擊的效率。平臺中所有工具共享同一robust框架,以便統一處理HTTP請求,持久性,認證,上游代理,日志記錄,報警和可擴展性。 Burp Suite允許攻擊者結合手工和自動技術去枚舉、分析、攻擊Web應用程序。這些不同的burp工具通過協同工作,有效的分享信息,支持以某種工具中的信 息為基礎供另一種工具使用的方式發起攻擊。
Burp Suite包含以下關鍵組件:
- An intercepting proxy, which lets you inspect and modify traffic between your browser and the target application.
- An application-aware spider, for crawling content and functionality.
- An advanced web application scanner, for automating the detection of numerous types of vulnerability.
- An intruder tool, for performing powerful customized attacks to find and exploit unusual vulnerabilities.
- A repeater tool, for manipulating and resending individual requests.
- A sequencer tool, for testing the randomness of session tokens.
- The ability to save your work and resume working later.
- Extensibility, allowing you to easily write your own plugins, to perform complex and highly customized tasks within Burp.
本文由用戶 openkk 自行上傳分享,僅供網友學習交流。所有權歸原作者,若您的權利被侵害,請聯系管理員。
轉載本站原創文章,請注明出處,并保留原始鏈接、圖片水印。
本站是一個以用戶分享為主的開源技術平臺,歡迎各類分享!