Title Page
Copyright and Credits
    Burp Suite Cookbook
Packt Upsell
    Why subscribe?
    Packt.com
Contributors
    About the author
    About the reviewer
    Packt is searching for authors like you
Preface
    Who this book is for
    What this book covers
    To get the most out of this book
    Conventions used
    Sections
        Getting ready
        How to do it…
        How it works…
        There's more…
        See also
    Get in touch
    Reviews
    Disclaimer
        Targeting legal vulnerable web applications

Getting Started with Burp Suite
    Introduction
    Downloading Burp (Community, Professional)
        Getting ready
            Software tool requirements
        How to do it...
    Setting up a web app pentesting lab
        Getting ready
            Software tool requirements
        How to do it...
        How it works
    Starting Burp at a command line or as an executable
        How to do it...
        How it works...
    Listening for HTTP traffic, using Burp
        Getting ready
        How to do it...
        How it works...

Getting to Know the Burp Suite of Tools
    Introduction
        Software tool requirements
    Setting the Target Site Map
        Getting ready
        How to do it...
        How it works...
    Understanding the Message Editor
        Getting ready
        How to do it...
    Repeating with Repeater
        Getting ready
        How to do it...
    Decoding with Decoder
        Getting ready
        How to do it...
    Intruding with Intruder
        Getting ready
        How to do it...
            Target
            Positions
            Payloads
                Payload Sets
                Payload Options
                Payload Processing
                Payload Encoding
            Options
                Request Headers
                Request Engine
                Attack Results
                Grep - Match
                Grep - Extract
                Grep - Payloads
                Redirections
            Start attack button

Configuring, Spidering, Scanning, and Reporting with Burp
    Introduction
        Software tool requirements
    Establishing trust over HTTPS
        Getting ready
        How to do it...
    Setting Project options
        How to do it...
            The Connections tab
            The HTTP tab
            The SSL tab
            The Sessions tab
            The Misc tab
    Setting user options
        How to do it...
            The SSL tab
            The Display tab
            The Misc tab
    Spidering with Spider
        Getting ready
            The Control tab
            The Options tab
        How to do it...
    Scanning with Scanner
        Getting ready
        How to do it...
    Reporting issues
        Getting ready
        How to do it...

Assessing Authentication Schemes
    Introduction
        Software tool requirements
    Testing for account enumeration and guessable accounts
        Getting ready
        How to do it...
    Testing for weak lock-out mechanisms
        Getting ready
        How to do it...
    Testing for bypassing authentication schemes
        Getting ready
        How to do it...
        How it works
    Testing for browser cache weaknesses
        Getting ready
        How to do it...
    Testing the account provisioning process via the REST API
        Getting ready
        How to do it...

Assessing Authorization Checks
    Introduction
        Software requirements
    Testing for directory traversal
        Getting ready
        How to do it...
        How it works...
    Testing for Local File Include (LFI)
        Getting ready
        How to do it...
        How it works...
    Testing for Remote File Inclusion (RFI)
        Getting ready
        How to do it...
        How it works...
    Testing for privilege escalation
        Getting ready
        How to do it...
        How it works...
    Testing for Insecure Direct Object Reference (IDOR)
        Getting ready
        How to do it...
        How it works...

Assessing Session Management Mechanisms
    Introduction
        Software tool requirements
    Testing session token strength using Sequencer
        Getting ready
        How to do it...
        How it works...
    Testing for cookie attributes
        Getting ready
        How to do it...
        How it works...
    Testing for session fixation
        Getting ready
        How to do it...
        How it works...
    Testing for exposed session variables
        Getting ready
        How to do it...
        How it works...
    Testing for Cross-Site Request Forgery
        Getting ready
        How to do it...
        How it works...

Assessing Business Logic
    Introduction
        Software tool requirements
    Testing business logic data validation
        Getting ready
        How to do it...
        How it works...
    Unrestricted file upload – bypassing weak validation
        Getting ready
        How to do it...
        How it works...
    Performing process-timing attacks
        Getting ready
        How to do it...
        How it works...
    Testing for the circumvention of work flows
        Getting ready
        How to do it...
        How it works...
    Uploading malicious files – polyglots
        Getting ready
        How to do it...
        How it works...
        There's more...

Evaluating Input Validation Checks
    Introduction
        Software tool requirements
    Testing for reflected cross-site scripting
        Getting ready
        How to do it...
        How it works...
    Testing for stored cross-site scripting
        Getting ready
        How to do it...
        How it works...
    Testing for HTTP verb tampering
        Getting ready
        How to do it...
        How it works...
    Testing for HTTP Parameter Pollution
        Getting ready
        How to do it...
        How it works...
    Testing for SQL injection
        Getting ready
        How to do it...
        How it works...
        There's more...
    Testing for command injection
        Getting ready
        How to do it...
        How it works...

Attacking the Client
    Introduction
        Software tool requirements
    Testing for Clickjacking
        Getting ready
        How to do it...
        How it works...
    Testing for DOM-based cross-site scripting
        Getting ready
        How to do it...
        How it works...
    Testing for JavaScript execution
        Getting ready
        How to do it...
        How it works...
    Testing for HTML injection
        Getting ready
        How to do it...
        How it works...
    Testing for client-side resource manipulation
        Getting ready
        How to do it...
        How it works...

Working with Burp Macros and Extensions
    Introduction
        Software tool requirements
    Creating session-handling macros
        Getting ready
        How to do it...
        How it works...
    Getting caught in the cookie jar
        Getting ready
        How to do it...
        How it works...
    Adding great pentester plugins
        Getting ready
        How to do it...
        How it works...
    Creating new issues via the Manual-Scan Issues Extension
        Getting ready
        How to do it...
        How it works...
        See also
    Working with the Active Scan++ Extension
        Getting ready
        How to do it...
        How it works...

Implementing Advanced Topic Attacks
    Introduction
        Software tool requirements
    Performing XXE attacks
        Getting ready
        How to do it...
        How it works...
    Working with JWT
        Getting ready
        How to do it...
        How it works...
    Using Burp Collaborator to determine SSRF
        Getting ready
        How to do it...
        How it works...
        See also
    Testing CORS
        Getting ready
        How to do it...
        How it works...
        See also
    Performing Java deserialization attacks
        Getting ready
        How to do it...
        How it works...
        There's more...
        See also

Other Books You May Enjoy
    Leave a review - let other readers know what you think