As a freelance penetration tester (ethical hacker) and security researcher, most of Robert’s job involves simulating hacker attacks and digging into the security of a target organization. It is key that he finds bugs to justify his employment. It is vital when he is testing that he is able to focus on the complex task of discovering real and critical issues.
|Challenge||Robert is a highly- experienced penetration tester, who has worked in the industry for nearly a decade. In the last few years, he has performed contract work for numerous companies, as well as working full-time for a couple of periods.
Robert prefers to maintain his own set of testing tools, mostly free and open source ones. He regards the big commercial products as too expensive.
|Solution||Following a friend’s recommendation, Robert gave Burp Suite Professional a try, and finds that it provides a very effective back-up to his manual methodology. He frequently uses Burp Intruder for automating custom attacks, such as fuzzing unusual input validation and exploiting vulnerabilities to harvest useful data from an application.
He has recently found that Burp Scanner is able to identify numerous input-based bugs faster than he can find them manually, leaving him to focus his efforts on issues that require human intelligence to discover.
|Benefits||Robert thinks Burp is cheap, and he is happy to pay the subscription himself. He always recommends Burp to colleagues who haven’t yet discovered its benefits.|
“Burp has made my job so much easier."
Companies and individuals globally rely on Burp Suite to uncover security vulnerabilities in their web applications.
Today, over 25,000 individuals use Burp Suite and this number is growing daily.