Burp Comparer help

Burp Comparer is a simple tool for performing a comparison (a visual "diff") between any two items of data. In the context of attacking a web application, this requirement will typically arise when you want to quickly identify the differences between two application responses (for example, between two responses received in the course of a Burp Intruder attack, or between responses to a failed login using valid and invalid usernames), or between two application requests (for example, to identify the different request parameters that give rise to different behaviour).

To perform a comparison between items of data, you can paste them into Burp Comparer, or load them from file. However, the easiest method is typically to pass the interesting requests or responses directly to Comparer from any of the other Burp tools.

When items of data have been loaded into Burp Comparer, they appear within the two tables in the main panel.

To perform a comparison, you simply need to select a different item from each table and click one of the "compare" buttons:

  • word compare - This comparison tokenises each item based on whitespace delimiters, and identifies the token-level edits required to transform the first item into the second. It is most useful when the interesting differences between the compared items exist at the "word" level, for example in HTML documents containing different content.
  • byte compare - This comparison identifies the byte-level edits required to transform the first item into the second. It is most useful when the interesting differences between the compared items exist at the "byte" level, for example in HTTP requests containing subtly different values in a particular parameter or cookie.

You should note that the byte-level comparison is considerably more computationally intensive, and you should normally only employ this option when a word-level comparison has failed to identify the relevant differences in an informative manner.

When you initiate a compare, a new window appears showing the results of the comparison. The title bar of the window indicates the total number of "edits" between the two items. The two main panels show the compared items colourised to indicate each modification, deletion and addition required to transform the first item into the second.

You can select text or hex view of each item. Selecting the "sync views" box will enable you to scroll the two panels simultaneously and so quickly identify the interesting edits in most situations.
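The difference between the two compare modes can be reproduced outside Burp. The following is an added example, not Burp's own code: it approximates the word and byte comparisons with Python's `difflib.SequenceMatcher` (an assumption; the page does not say which diff algorithm Comparer uses), and the requests, responses and function names are constructed for illustration.

```python
import difflib

# Constructed sample data: two responses differing in their wording, and
# two requests differing by a single byte inside a cookie value.
RESP_A = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<p>Login failed: unknown user</p>"
RESP_B = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<p>Login failed: wrong password</p>"
REQ_A = b"GET /account HTTP/1.1\r\nHost: app.example\r\nCookie: session=a1b2c3d4e5\r\n\r\n"
REQ_B = b"GET /account HTTP/1.1\r\nHost: app.example\r\nCookie: session=a1b2c3d4f5\r\n\r\n"

# Map difflib's opcode names onto the edit types the results window shows.
OP_NAMES = {"replace": "modify", "delete": "delete", "insert": "add"}


def edits(first, second):
    """List the (type, old, new) edits that transform first into second."""
    matcher = difflib.SequenceMatcher(None, first, second, autojunk=False)
    return [
        (OP_NAMES[tag], first[i1:i2], second[j1:j2])
        for tag, i1, i2, j1, j2 in matcher.get_opcodes()
        if tag != "equal"
    ]


def word_compare(first: bytes, second: bytes):
    """Tokenise each item on whitespace and diff the token sequences."""
    return edits(first.split(), second.split())


def byte_compare(first: bytes, second: bytes):
    """Diff the raw byte sequences; slower, but pinpoints single bytes."""
    return edits(first, second)


if __name__ == "__main__":
    print("word compare, responses:", word_compare(RESP_A, RESP_B))
    # Word level flags the whole cookie token; byte level isolates the byte.
    print("word compare, requests: ", word_compare(REQ_A, REQ_B))
    print("byte compare, requests: ", byte_compare(REQ_A, REQ_B))
```

The length of each returned list corresponds to the "edits" count that the results window reports in its title bar.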

 

Copyright (c) 2010 PortSwigger Ltd. All rights reserved.