Web application security

 

Burp Scanner is a web application vulnerability scanner designed for penetration testers. Features include:

  • Active and passive scanning modes.
  • User-directed manual scanning, or "live scanning" as you browse.
  • Advanced feedback-driven scan logic.
  • Immediate results and fine-grained control over scans.
  • Fully customised vulnerability advisories.
  • Close integration with other Burp tools.
  • Professional reporting.

Burp Scanner is part of Burp Suite Professional.


Burp Suite is an integrated platform for attacking and testing web applications. It contains the latest versions of all the Burp tools, including:

  • Intercepting web proxy
  • Application-aware web spider
  • Hacker-oriented vulnerability scanner [Professional edition only]
  • Burp Intruder, an advanced tool for automating customised attacks
  • FIPS-compliant session token analysis
  • Utilities for decoding and comparing application data.

All of the Suite tools are tightly integrated, with numerous interfaces designed to facilitate and speed up the process of attacking an application.


The Web Application Hacker's Handbook aims to be the deepest and most comprehensive general-purpose guide to hacking web applications that is currently available.

Highlights include:

  • Comprehensive and deep coverage of all kinds of attacks.
  • Practical focus that spells out the detailed steps involved in detecting and exploiting each kind of vulnerability.
  • Numerous real-world examples, screenshots and code extracts.
  • Advanced techniques including how to disassemble client-side components, automate custom attacks, and find vulnerabilities in source code.
  • A detailed, proven methodology for performing an end-to-end attack.


The Web Application Hacker's Handbook Live Edition is a cutting-edge training course written and presented by the authors of WAHH.

While the book itself provides a solid basis in the theory and practice of exploiting today’s enterprise web applications, this course is a practical opportunity to take the skills and theory taught in the book to the next level, experimenting with all of the tools and techniques against numerous vulnerable web applications and labs, under the guidance of the book’s authors. The course also includes new material from the forthcoming second edition of WAHH, bringing the book right up to date with the latest attacks.


Copyright (c) 2010 PortSwigger Ltd. All rights reserved.