This page may be out of date

We haven't updated it for a while because we're busy working on new, improved content to help you get the most out of Burp Suite. In the meantime, please note that the information on this page may no longer be accurate.

Visit our Support Center

Using Burp to Bypass Client-Side Controls

Many security problems arise with web application because clients can submit arbitrary input. Some web applications rely solely on client-side controls to control the data that they submit to the server. In general, this represents a fundamental security flaw: the user has full control over the client and the data it submits and can bypass any client-side controls that are not replicated on the server.

Use the links below to access various tutorial pages for testing client-side control vulnerabilities: