Below are some examples of configuring and executing Burp
Intruder. For more details, see the Burp Intruder help
page.
Positioning payloads - In each attack, Burp Intruder generates a
number of HTTP requests from a template request and one or more
sets of attack payloads. The screenshot below shows how payload
position markers are placed in the template request; when the
attack runs, each marked position is replaced in turn by a payload
from the relevant set:
Configuring payloads - Burp Intruder comes preconfigured
with sets of attack payloads, and also contains a large number of
tools for dynamically generating payloads that are appropriate
to specific mechanisms found in the target application. For more
details of each type of payload source, including screenshots,
see the Burp Intruder help page.
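To make the two ideas above concrete, here is a small Python model of how a template request with "§" position markers is combined with payload sets. This is an added example written for this page; it is not PortSwigger's code and does not reproduce Burp's implementation. The template request, the host name and the wordlists are constructed for the example, and the four attack types (sniper, battering ram, pitchfork, cluster bomb) are modelled as documented for Intruder; the function names are this example's own.

```python
import itertools
import re
from typing import Iterator, List, Sequence

# Burp Intruder marks each payload position with a pair of "§" characters; the
# text between a pair is the base value used when that position is not under
# attack. The template below is constructed for this example (a Domino-style
# database request plus a session cookie), not captured from a real target.
MARKER = "§"
POSITION_RE = re.compile(re.escape(MARKER) + r"(.*?)" + re.escape(MARKER), re.DOTALL)

TEMPLATE = (
    "GET /§§ HTTP/1.1\r\n"
    "Host: domino.example.internal\r\n"
    "Cookie: SessionID=§abc123§\r\n"
    "\r\n"
)


def find_positions(template: str) -> List[str]:
    """Return the base value of each marked position, in document order."""
    if template.count(MARKER) % 2:
        raise ValueError("unbalanced payload markers in template")
    return POSITION_RE.findall(template)


def _fill(template: str, values: Sequence[str]) -> str:
    """Replace the i-th marked position (markers included) with values[i].
    A replacement function is used so payloads containing backslashes or
    '\\1'-style sequences are inserted literally."""
    if len(values) != len(find_positions(template)):
        raise ValueError("one value per payload position is required")
    it = iter(values)
    return POSITION_RE.sub(lambda _m: next(it), template)


def sniper(template: str, payloads: Sequence[str]) -> Iterator[str]:
    """'Sniper': one position at a time, every payload in turn, with the
    other positions left at their base values."""
    base = find_positions(template)
    for i in range(len(base)):
        for p in payloads:
            values = list(base)
            values[i] = p
            yield _fill(template, values)


def battering_ram(template: str, payloads: Sequence[str]) -> Iterator[str]:
    """'Battering ram': the same payload is placed into every position at once."""
    n = len(find_positions(template))
    for p in payloads:
        yield _fill(template, [p] * n)


def pitchfork(template: str, payload_sets: Sequence[Sequence[str]]) -> Iterator[str]:
    """'Pitchfork': one payload set per position, advanced in lockstep and
    stopping at the shortest set (e.g. usernames paired line by line with
    passwords)."""
    for combo in zip(*payload_sets):
        yield _fill(template, list(combo))


def cluster_bomb(template: str, payload_sets: Sequence[Sequence[str]]) -> Iterator[str]:
    """'Cluster bomb': one payload set per position, every combination tried."""
    for combo in itertools.product(*payload_sets):
        yield _fill(template, list(combo))


def number_range(start: int, stop: int, width: int = 0) -> List[str]:
    """A generated payload set: the integers start..stop inclusive, zero-padded
    to 'width' digits, as used to iterate over sequential user IDs."""
    return [str(n).zfill(width) for n in range(start, stop + 1)]


if __name__ == "__main__":
    databases = ["names.nsf", "log.nsf", "catalog.nsf"]  # constructed wordlist
    for request in sniper(TEMPLATE, databases):
        lines = request.split("\r\n")
        print(lines[0], "|", lines[2])
```

The sniper run over the two-position template produces six requests: three that vary the database name with the cookie left at its base value, then three that vary the cookie with an empty path. Swapping in `pitchfork` or `cluster_bomb` with two payload sets is how a username/password combination attack would be driven.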
Content enumeration - This attack checks for common
databases on a Lotus Domino server. The HTTP status code and the
length of each response indicate where interesting content has been
found. The attack has been configured to check each response
for the expression "not authorized", to identify which
enumerated resources are protected by access controls. The
right-hand column indicates where this expression was found:
Password guessing - This attack makes repeated
attempts to log in to an application using a known username and a
wordlist. Burp Intruder can be configured to attack many kinds of
authentication schemes, including forms-based, HTTP basic and
cookie-based. In this example, the successful login is indicated
by the HTTP status code, the length of the response, and the absence of
the expression "login incorrect":
Data mining - This attack is extracting data from a web
application which has a password disclosure vulnerability. This
type of vulnerability is often found in poorly designed
administrative functionality which can be used to access sensitive
information, sometimes in hidden HTML form fields. The attack is
making repeated requests to the vulnerable page and iterating
through all possible user IDs, to obtain all usernames and
passwords of application users. The attack has been configured to
extract the contents of the relevant form fields. This data can be
saved and used as the input file for further attacks or other tools:
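The three attacks above (content enumeration, password guessing and data mining) all rely on the same results-table analysis: status code, response length, a grep-match flag for a chosen expression, and grep-extracted field values. The Python below models that analysis over constructed responses. It is an added example for this page, not PortSwigger's code or Burp's implementation; the response bodies, payloads, host names and field names are all made up, and the case-insensitive match is a choice of this example rather than Burp's default.

```python
import re
from collections import Counter
from typing import Dict, List, Optional, Sequence, Tuple

# Constructed (payload -> (status, body)) tables standing in for the responses
# Intruder would record for each request; no server is contacted.
ENUM_RESPONSES: Dict[str, Tuple[int, str]] = {
    "names.nsf":   (200, "<html><title>Directory</title><body>Address book view</body></html>"),
    "log.nsf":     (401, "<html><body>Error 401: You are not authorized to perform this operation</body></html>"),
    "catalog.nsf": (404, "<html><body>Error 404: Item Not Found</body></html>"),
    "admin.nsf":   (404, "<html><body>Error 404: Item Not Found</body></html>"),
}

LOGIN_RESPONSES: Dict[str, Tuple[int, str]] = {
    "password1": (200, "<html><body><p>Login incorrect</p></body></html>"),
    "letmein":   (200, "<html><body><p>Login incorrect</p></body></html>"),
    "s3cret":    (302, "<html><body><p>Redirecting to /home</p></body></html>"),
}

# Responses from a hypothetical admin page that echoes credentials in hidden fields.
USERID_RESPONSES: Dict[str, Tuple[int, str]] = {
    "1001": (200, '<form><input type="hidden" name="username" value="alice">'
                  '<input type="hidden" name="password" value="Passw0rd"></form>'),
    "1002": (200, '<form><input type="hidden" name="username" value="bob">'
                  '<input type="hidden" value="hunter2" name="password"></form>'),
    "1003": (404, "<p>No such user</p>"),
}

INPUT_TAG = re.compile(r"<input\b([^>]*)>", re.I)
ATTR = re.compile(r'(\w+)\s*=\s*"([^"]*)"')


def extract_field(body: str, name: str) -> Optional[str]:
    """Grep-extract: the value attribute of the <input> whose name matches,
    regardless of attribute order; None when the field is absent."""
    for tag in INPUT_TAG.findall(body):
        attrs = {k.lower(): v for k, v in ATTR.findall(tag)}
        if attrs.get("name") == name:
            return attrs.get("value")
    return None


def run_attack(responses: Dict[str, Tuple[int, str]],
               match_expr: Optional[str] = None,
               extract: Sequence[str] = ()) -> List[dict]:
    """One results row per payload: status, length, an optional grep-match
    flag (case-insensitive in this example) and any extracted fields."""
    rows = []
    for payload, (status, body) in responses.items():
        row = {"payload": payload, "status": status, "length": len(body)}
        if match_expr is not None:
            row["match"] = match_expr.lower() in body.lower()
        for field in extract:
            row[field] = extract_field(body, field)
        rows.append(row)
    return rows


def anomalies(rows: List[dict]) -> List[dict]:
    """Rows whose (status, length) pair differs from the most common pair,
    i.e. the responses that stand out when the results table is sorted."""
    if not rows:
        return []
    common = Counter((r["status"], r["length"]) for r in rows).most_common(1)[0][0]
    return [r for r in rows if (r["status"], r["length"]) != common]


def harvested(rows: List[dict], field: str) -> List[str]:
    """Extracted values, ready to be saved as the wordlist for a further attack."""
    return [r[field] for r in rows if r.get(field)]


if __name__ == "__main__":
    for row in run_attack(ENUM_RESPONSES, match_expr="not authorized"):
        print(row)
    print("login hit:", anomalies(run_attack(LOGIN_RESPONSES, match_expr="login incorrect")))
    mined = run_attack(USERID_RESPONSES, extract=("username", "password"))
    print("harvested passwords:", harvested(mined, "password"))
```

In the enumeration run the two 404 responses share a status and length, so `anomalies` surfaces names.nsf (200) and log.nsf (401), and the match column marks log.nsf as the access-controlled one. In the password run the single 302 without "login incorrect" is the successful guess. The mined usernames and passwords come back as plain lists that can feed a later pitchfork attack.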
Displaying a result - Burp Intruder can be configured to
store each response received from the server in full, in
addition to the key information stored in the results table.
Each stored result can be analysed and rendered in detail:
For detailed information about the configuration and execution of
Burp Intruder, see
the help file.
Copyright (c) 2010 PortSwigger Ltd. All rights reserved.