SAPPERNET CYBERSECURITY

Insider Insights on Cybersecurity

Burp Suite Community fundamentals overview via TryHackMe

As part of the Hacking with Hayden series: Burp Suite is the class-leading vulnerability scanning, penetration testing, and web app security platform. This is an introduction to the platform and some of its functionality.

Burp Suite Community is a framework for web and mobile application penetration testing. It works by capturing and manipulating the traffic between the attacker and a web server, giving the user the ability to intercept, view, and modify web requests.

The primary tools offered by Burp Suite Community:

Proxy – allows the user to intercept and modify requests when interacting with web applications.

Repeater – allows the user to capture, modify, and resend the same request multiple times. This is most valuable when crafting a payload through trial and error or testing for flaws in an endpoint.

Intruder – spams an endpoint with requests; used for brute-force attacks or to fuzz endpoints.

Decoder – decodes captured information, or encodes a payload.

Comparer – compares data at either the word or byte level.

Sequencer – assesses the randomness of tokens or cookies that are supposed to be randomly generated. If they’re not… good luck.

Extensions – if you feel inclined to create your own extensions, it is easy to write your own for use in the Burp framework.
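To make concrete what “assessing the randomness of tokens” means, here is an added example (written for this page, not code from TryHackMe, PortSwigger or the post’s author). It takes a set of constructed sample tokens and computes a simplified per-position Shannon entropy, flagging positions that never change and an overall low bits-per-character figure. This is a teaching stand-in for the kind of question Sequencer answers, not Burp’s actual statistical test battery; the token sets, the `assess` and `looks_predictable` helpers and the 1.0-bit threshold are all assumptions of the example.

```python
import hashlib
import math
from collections import Counter

# Constructed sample token sets (not captured from any real application).
# A predictable scheme: a fixed prefix followed by an incrementing counter.
WEAK_TOKENS = [f"sess{n:06d}" for n in range(1000, 1020)]
# A deterministic stand-in for unpredictable tokens so the example runs the
# same way every time; real tokens would come from a CSPRNG (secrets.token_hex).
STRONG_TOKENS = [
    hashlib.sha256(f"constructed-seed-{i}".encode()).hexdigest()[:32]
    for i in range(20)
]


def position_entropies(tokens):
    """Shannon entropy (bits) of the symbol observed at each character position."""
    if not tokens:
        raise ValueError("need at least one token")
    length = len(tokens[0])
    if any(len(t) != length for t in tokens):
        raise ValueError("tokens must all have the same length")
    total = len(tokens)
    entropies = []
    for pos in range(length):
        counts = Counter(t[pos] for t in tokens)
        entropies.append(
            -sum((c / total) * math.log2(c / total) for c in counts.values())
        )
    return entropies


def assess(tokens):
    """Summary figures a tester would look at before trusting a token scheme."""
    ents = position_entropies(tokens)
    return {
        "samples": len(tokens),
        "distinct": len(set(tokens)),
        "avg_bits_per_char": sum(ents) / len(ents),
        # Positions that never vary carry no secret at all (e.g. a fixed prefix).
        "fixed_positions": sum(1 for e in ents if e == 0.0),
    }


def looks_predictable(tokens, min_avg_bits=1.0):
    """Heuristic verdict: low average entropy or mostly fixed characters."""
    result = assess(tokens)
    ents = position_entropies(tokens)
    return (
        result["avg_bits_per_char"] < min_avg_bits
        or result["fixed_positions"] > len(ents) / 2
    )


if __name__ == "__main__":
    for name, toks in (("weak", WEAK_TOKENS), ("strong", STRONG_TOKENS)):
        print(name, assess(toks), "predictable:", looks_predictable(toks))
```

For the weak set only the last two characters ever change (about 0.43 bits per character on average, with 8 of 10 positions fixed), while the hash-derived set varies at every position. A real assessment needs far more samples than 20; the point is that a token whose bytes mostly never change is not one an attacker has to guess.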

The dashboard is split into four parts:

1. Tasks – allows us to choose the tasks that will run in the background.

2. Issue Activity – exclusive to Burp Pro; lists all of the vulnerabilities found by the automatic scanner.

3. Event Log – tells us what Burp Suite is doing, as well as information about connections made through Burp Suite.

4. Advisory – gives us information about the vulnerabilities found, with references and remediations. Also gives us the ability to export it into a report.

All other functionality can be found in the tabs above the dashboard. 

The Burp Proxy is the most important and most used tool in Burp Suite. It allows you to capture requests and responses between you and the target, and to manipulate them or send them to other tools for further tinkering before allowing them to proceed to their destination.

Connecting through a proxy – the most common way is to configure your web browser to proxy traffic through Burp using a Firefox browser extension called FoxyProxy. FoxyProxy allows the user to save proxy profiles, making it easy to switch to your Burp Suite profile and to disable the proxy just as easily.

Allowing Burp Suite to capture all traffic can become a pain. Scoping allows us to choose what gets proxied and logged. This is done in the “Target” tab: right-click the target in the list on the left and choose “Add to Scope”. Burp will then ask if you want to stop logging everything that is not in scope. To confirm, navigate to the “Scope” sub-tab, which lets you control the domains and IPs that are included or excluded. To completely ignore anything that is not in your scope, navigate to Proxy > Options > Intercept Client Requests and select “And URL Is in target scope”.
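The include/exclude scope logic described above is easy to get subtly wrong (a naive substring test on the host lets `evil.example.com.attacker.net` into a scope of `*.example.com`). The following is an added example for this page, not Burp’s own code or TryHackMe’s: a small scope matcher with an assumed rule syntax (exact host, `*.` wildcard, CIDR, optional path prefix), where exclusions override inclusions, plus a filter that keeps only in-scope entries from a constructed proxy history. The `TargetScope` class and the sample URLs are inventions of the example.

```python
from ipaddress import ip_address, ip_network
from urllib.parse import urlsplit

# Constructed proxy-history URLs for the demo (not from any real engagement).
SAMPLE_PROXY_HISTORY = [
    "https://app.example.com/login",
    "https://static.example.com/app.js",
    "http://10.2.3.4:8080/admin",
    "https://example.com/",
    "https://evil.example.com.attacker.net/",
    "https://app.example.com/logout",
    "https://attacker.net/?u=app.example.com",
    "https://192.168.1.5/",
]


def _parse_rule(rule):
    """Turn a rule string into (host_pattern, path_prefix).

    Rule forms assumed by this example (not Burp's own syntax):
      "example.com"           exact host
      "*.example.com"         the host and any subdomain
      "10.0.0.0/8"            an IP address or CIDR range
      "*.example.com/api/"    host pattern plus a path prefix
    """
    try:
        ip_network(rule, strict=False)  # the whole rule is an address or CIDR
        return rule, ""
    except ValueError:
        pass
    host, sep, path = rule.partition("/")
    return host.lower(), (sep + path) if sep else ""


def _host_matches(pattern, host):
    try:
        net = ip_network(pattern, strict=False)
    except ValueError:
        net = None
    if net is not None:
        try:
            return ip_address(host) in net
        except ValueError:
            return False  # a hostname never matches an IP rule
    if pattern.startswith("*."):
        apex = pattern[2:]
        # Match on a dotted boundary so "x.example.com.attacker.net" stays out.
        return host == apex or host.endswith("." + apex)
    return host == pattern


class TargetScope:
    def __init__(self, include, exclude=()):
        self.include = [_parse_rule(r) for r in include]
        self.exclude = [_parse_rule(r) for r in exclude]

    @staticmethod
    def _matches(rules, host, path):
        return any(_host_matches(h, host) and path.startswith(p) for h, p in rules)

    def in_scope(self, url):
        parts = urlsplit(url)
        host = parts.hostname  # lower-cased, port stripped, IPv6 brackets removed
        if host is None:
            return False
        path = parts.path or "/"
        # Exclusions take precedence over inclusions, as in Burp's Scope tab.
        if self._matches(self.exclude, host, path):
            return False
        return self._matches(self.include, host, path)

    def filter_urls(self, urls):
        """Keep only in-scope entries, like 'stop logging out-of-scope items'."""
        return [u for u in urls if self.in_scope(u)]


if __name__ == "__main__":
    scope = TargetScope(
        include=["*.example.com", "10.0.0.0/8"],
        exclude=["static.example.com", "*.example.com/logout"],
    )
    for url in SAMPLE_PROXY_HISTORY:
        print(("IN " if scope.in_scope(url) else "OUT"), url)
```

Matching is done on the parsed hostname, never on the raw URL string, so a query parameter that merely mentions an in-scope host (`?u=app.example.com`) does not pull an out-of-scope site into the log.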

The three sub-tabs under Target:

Site map – allows us to use a tree diagram to map out the targeted apps. Every visited page will show up here, allowing you to build a map as you navigate the site (Burp Pro allows you to spider the targets automatically). The site map is extremely useful for mapping out an API, since the API endpoints the page gets data from will show up.

Scope – refer to the paragraph above.

Issue definitions – a large list of web vulnerabilities, including descriptions and references.

This has been a mostly theoretical overview of Burp Suite Community and its functions. To enhance your knowledge and skill with Burp Suite, I would recommend tinkering with the settings and familiarizing yourself with the GUI. Before completing https://tryhackme.com/room/burpsuitebasics I found a video on YouTube (“Burpsuite Basics (FREE Community Edition)”) that provided a great overview of the settings and made Burp Suite and all of its functions easier to digest before trying myself.

To further your practical expertise, there is a program called Damn Vulnerable Web App (DVWA) that can be found at https://github.com/digininja/DVWA. This will allow you to practice using Burp Suite in a controlled environment.   

https://tryhackme.com/room/burpsuitebasics
