New! Burp Scanner is a web application vulnerability scanner designed for penetration testers. Features include:

• Active and passive scanning modes.
• User-directed manual scanning, or "live scanning" as you browse.
• Advanced feedback-driven scan logic.
• Immediate results and fine-grained control over scans.
• Fully customised vulnerability advisories.
• Close integration with other Burp tools.
• Professional reporting.

Burp Scanner is part of Burp Suite Professional.

Read more

Burp Suite is an integrated platform for attacking and testing web applications. It contains the latest versions of all the Burp tools, including:

• Intercepting web proxy
• Application-aware web spider
• Hacker-oriented vulnerability scanner [Professional edition only]
• Burp Intruder, an advanced tool for automating customised attacks
• FIPS-compliant session token analysis
• Utilities for decoding and comparing application data.

All of the Suite tools are tightly integrated, with numerous interfaces designed to facilitate and speed up the process of attacking an application.

Read more  Download

Highlights include:

• Comprehensive and deep coverage of all kinds of attacks.
• Practical focus that spells out the detailed steps involved in detecting and exploiting each kind of vulnerability.
• Numerous real-world examples, screen shots and code extracts.
• Advanced techniques including how to disassemble client-side components, automate custom attacks, and find vulnerabilities in source code.
• A detailed, proven methodology for performing an end-to-end attack.

Read more  Buy  Other security books