Updated: 2021-07-02 12:17:14
Cover Page
Title Page
Copyright and Credits
Hands-On Application Penetration Testing with Burp Suite
Contributors
About the authors
About the reviewer
Packt is searching for authors like you
About Packt
Why subscribe?
Packt.com
Preface
Who this book is for
What this book covers
To get the most out of this book
Conventions used
Get in touch
Reviews
Configuring Burp Suite
Getting to know Burp Suite
Setting up proxy listeners
Managing multiple proxy listeners
Working with non-proxy-aware clients
Creating target scopes in Burp Suite
Working with target exclusions
Quick settings before beginning
Summary
Configuring the Client and Setting Up Mobile Devices
Setting up Firefox to work with Burp Suite (HTTP and HTTPS)
Setting up Chrome to work with Burp Suite (HTTP and HTTPS)
Setting up Chrome proxy options on Linux
Setting up Internet Explorer to work with Burp Suite (HTTP and HTTPS)
Additional browser add-ons that can be used to manage proxy settings
FoxyProxy for Firefox
Proxy SwitchySharp for Google Chrome
Setting system-wide proxy for non-proxy-aware clients
Linux or macOS X
Windows
Setting up Android to work with Burp Suite
Setting up iOS to work with Burp Suite
Executing an Application Penetration Test
Differences between a bug bounty and a client-initiated pentest
Initiating a penetration test
Why Burp Suite? Let's cover some groundwork!
Types and features
Crawling
Why Burp Suite Scanner?
Auditor/Scanner
Understanding the insertion points
Exploring the Stages of an Application Penetration Test
Stages of an application pentest
Planning and reconnaissance
Client-end code analysis
Manual testing
Various business logic flaws
Second-order SQL injection
Pentesting cryptographic parameters
Privilege escalation
Sensitive information disclosures
Automated testing
Exploiting discovered issues
Digging deep for data exfiltration
Taking shells
Reporting
Getting to know Burp Suite better
Features of Burp Suite
Dashboard
Target
Proxy
Intruder
Repeater
Comparer
Sequencer
Decoder
Extender
Project options
User options
Preparing for an Application Penetration Test
Setup of vulnerable web applications
Setting up Xtreme Vulnerable Web Application
Setting up OWASP Broken Web Application
Reconnaissance and file discovery
Using Burp for content and file discovery
Testing for authentication via Burp
Brute forcing login pages using Burp Intruder
Testing the authentication page for SQL injection
Identifying Vulnerabilities Using Burp Suite
Detecting SQL injection flaws
Manual detection
Scanner detection
CO2 detection
Detecting OS command injection
Detecting XSS vulnerabilities
Detecting XML-related issues such as XXE
Detecting SSTI