BurpSuite

WORK IN PROGRESS

Notes / Tips

# /!\ HTTP POST requests need two carriage returns at the end to be valid!

# Firefox sends an HTTP GET every 60s to hxxp://detectportal.firefox.com. To avoid this:
about:config > network.captive-portal-service.enabled ==> false

Modules / Addons

# Autorize
# For each request you make, it sends an equivalent request,
# but with the session cookies or any additional authorization header changed.

# Just add the cookies for user B and browse the app as user A
# Try accessing restricted resources for user B and check the server responses
# 200 --> Possible IDOR
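
# Added example (not Autorize's own code): a simplified version of the replay-and-compare
# check described above, showing why a 200 on the replay is only a "possible" IDOR.
# toy_app, its paths and the session values are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Response:
    status: int
    body: str

# Constructed sample data: alice is user A (admin), bob is user B (plain user).
INVOICES = {"1001": "alice", "1002": "bob"}
SESSIONS = {"sess-a": ("alice", "admin"), "sess-b": ("bob", "user")}

def toy_app(path, cookie):
    """Constructed stand-in for the application under test."""
    user = SESSIONS.get(cookie)
    if user is None:
        return Response(401, "login required")
    name, role = user
    if path.startswith("/invoices/"):
        inv = path.rsplit("/", 1)[1]
        if inv not in INVOICES:
            return Response(404, "not found")
        # Deliberate flaw: the invoice owner is never compared with the caller.
        return Response(200, f"invoice {inv} owner={INVOICES[inv]}")
    if path == "/admin":
        if role != "admin":
            return Response(403, "forbidden")
        return Response(200, "admin panel")
    if path == "/profile":
        return Response(200, f"profile of {name}")
    return Response(404, "not found")

def classify(original, replayed):
    """Compare user A's response with the replay sent under user B's cookie."""
    if replayed.status in (401, 403):
        return "enforced"
    if replayed.status == original.status and replayed.body == original.body:
        return "bypassed"   # B received exactly what A received
    return "review"         # e.g. 200 with different content: check by hand

def replay(send, paths, cookie_a, cookie_b):
    """Send every path as A, replay it as B, and classify each pair."""
    return {p: classify(send(p, cookie_a), send(p, cookie_b)) for p in paths}

RESULTS = replay(toy_app, ["/invoices/1001", "/admin", "/profile"], "sess-a", "sess-b")

if __name__ == "__main__":
    for path, verdict in RESULTS.items():
        print(f"{path:16} {verdict}")
```

# /profile returns 200 for both users but with each user's own data, so the status code
# alone does not prove an authorization bypass.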

# JSON Beautifier
# This extension adds a new tab to Burp's HTTP message viewer to beautify JSON content.

# HTTP Request Smuggler
# Helps find HTTP Request Smuggling vulnerabilities

# Right click on a request and click 'Launch Smuggle probe', then watch the extension's output pane

# Logger++
# This extension can be used to log the requests and responses made by all Burp tools
# and display them in a sortable table. It can also save the logged data in CSV format.

# Param Miner
# This extension identifies hidden, unlinked parameters.
# It's particularly useful for finding web cache poisoning vulnerabilities.

# Right click on a request in Burp and click "Guess (cookies|headers|params)"
# You can find them listed under Extender->Extensions->Param Miner->Output

# Wsdler
# This extension takes a WSDL request, parses out the operations that are associated
# with the targeted web service, and generates SOAP requests
# that can then be sent to the SOAP endpoints.

# GoldenNuggets
# Burp Suite extension to easily create wordlists based on
# URIs, URI parameters and single words (minus the domain)
https://github.com/GainSec/GoldenNuggets-1

# Asset History
# Lets you browse the Wayback Machine for URLs already seen in scope
# It can help identify old params or endpoints that are still available
https://redhuntlabs.com/blog/asset-history-burp-extension.html

Resources to check

# Complete MOOC-style course (requires signing up, but it's free) (both links are the same course)
https://www.udemy.com/burp-suite/
https://hackademy.aetherlab.net/p/burp-suite

# Video course
https://www.tutorialspoint.com/burpsuite/index.asp

# Kinda detailed tutorial (text + pictures)
https://www.pentestgeek.com/web-applications/burp-suite-tutorial-1
https://www.pentestgeek.com/web-applications/how-to-use-burp-suite

# Fast course/tutorial (text + images)
https://linuxconfig.org/learn-burp-suite-on-kali-linux-part-2
https://linuxconfig.org/learn-burp-suite-on-kali-linux-part-3
https://linuxconfig.org/learn-burp-suite-on-kali-linux-part-4

# ???
https://portswigger.net/web-security 

# Conference slides
https://fr.slideshare.net/ZackMeyers/web-hacking-with-burp-suite-101

# Not free (but it seems to offer some kind of 10 free days ??)
https://www.pluralsight.com/courses/web-application-penetration-testing-with-burp-suite

# Tutorial playlist
https://www.hacker101.com/playlists/burp_suite