Hack like a pro with burp suite - nullhyd
•Download as PPTX, PDF•
11 likes•3,237 views
Hack like a pro with burp suite
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (20)
Similar to Hack like a pro with burp suite - nullhyd
Similar to Hack like a pro with burp suite - nullhyd (20)
More from n|u - The Open Security Community
More from n|u - The Open Security Community (20)
Recently uploaded
Recently uploaded (20)
Hack like a pro with burp suite - nullhyd
- 1. Hack Like a Pro with Burp Suite /pavanw3b
- 2. What do you learn? I’m a boring geek Burp Suite is your best friend Some really cool tweaks
- 3. ~$ whoami pavanw3b Yet another w3bAppSec guy break-fix-repeat Security Engineer @ ServiceNow
- 4. Who’s an expert here?
- 5. More than an interception proxy Burp Suite
- 6. Start like a Pro $ java –jar –Xmx4G /path/burpsuite.jar • Let burp use up to 4GB • Default can be as low as 128MB • But not more than 4GB
- 8. Focus on Target It’s your Desktop Set better Scope Compare Site maps Drop out-of- scope Options > Connections
- 9. Better Filter Target See In-scope items Hide not-found Demo
- 10. Playing around Proxy Play around Message Analytics Can also contain XML, AMF & View State Intercept Request Intercept Response HTTP history: Params & Filter Unhide hidden form fields
- 11. Exploiting with Intruder Send lots of data & make sense of response Username Enumeration, Directory Fuzzing – XSS, SQLi, Path traversal Add payload: FuzzDB, WebAppURLs, OWASP DirBuster Demo: Save & Load attack Config
- 12. Stay calm & use Scanner Passive Scanning Active Scanning Use wise! Crawl -> Scan Demo Don’t make too fast Be in-scope
- 13. Never miss anything - Repeater Scratchpad Demo Change the way you want it Try OPTIONS
- 14. The good Spider Create lots of Pollution Form Submissions Do after manual Crawl Demo Some are only on Prod: robots.txt Careful - Delete all users
- 15. All about tokens - Sequencer Test how random it is.. Session, CSRF, Password reset etc Min 100 tokens required
- 16. Find the secret - Decode No Key - No Security Encode != Security Demo Send to Decoder
- 17. Confused? Use Comparer Compare responses Blind SQLi Compare by Words ByteByte: Computationally costly Demo: Compare 2 responses
- 18. Engagement Tools Search Find in Comments, Scripts, Ref Analyze Target Discover Content
- 19. Wanna add? Extender Jython, JRuby etc BApp Store java.lang.OutOfMemoryError? java -XX:MaxPermSize=1G -jar burpsuite.jar
- 20. Maintenance Save State Save in-scope only Restore State Don’t restore from untrusted sources Auto backup Schedule Task: Save State - Creates only 1file
- 21. Some more if you need Right click & you got all Shortcuts: Options > Misc > Hotkeys
- 22. References & Reads Burp Suite Essentials by Akash Mahajan 10 Unbeatable Features of Burp Suite Pro Official Documentation Pen Testing with Burp Suite Real life tips & tricks
- 23. Am I really boring? Pavan http://pavanw3b.com fb/pavanw3b | @pavanw3b
Editor's Notes
- Zoom: alt cmd +
- Passive Scanning: Scan requests already made and won’t send any new requests
- Cmd to generate random numbers: Fail case: jot -r 20001 1 400000 | tee tokens-larger Pass case: for i in ` seq 1 5000 `; do uuidgen | tee -a tokens-uuid; done
- Find in Comments, Scripts are available only from Target.