Hands-On Application Penetration Testing with Burp Suite
- Paperback: 366 pages
- Publisher: WOW! eBook (February 28, 2019)
- Language: English
- ISBN-10: 178899406X
- ISBN-13: 978-1788994064
Hands-On Application Penetration Testing with Burp Suite: Test, fuzz, and break web applications and services using Burp Suite’s powerful capabilities
Burp suite is a set of graphic tools focused towards penetration testing of web applications. Burp suite is widely used for web penetration testing by many security professionals for performing different web-level security tasks.
The book starts by setting up the environment to begin an application penetration test. You will be able to configure the client and apply target whitelisting. You will also learn to setup and configure Android and IOS devices to work with Burp Suite. The book will explain how various features of Burp Suite can be used to detect various vulnerabilities as part of an application penetration test. Once detection is completed and the vulnerability is confirmed, you will be able to exploit a detected vulnerability using Burp Suite. The book will also covers advanced concepts like writing extensions and macros for Burp suite. Finally, you will discover various steps that are taken to identify the target, discover weaknesses in the authentication mechanism, and finally break the authentication implementation to gain access to the administrative console of the application.
- Set up Burp Suite and its configurations for an application penetration test
- Proxy application traffic from browsers and mobile devices to the server
- Discover and identify application security issues in various scenarios
- Exploit discovered vulnerabilities to execute commands
- Exploit discovered vulnerabilities to gain access to data in various datastores
- Write your own Burp Suite plugin and explore the Infiltrator module
- Write macros to automate tasks in Burp Suite
By the end of this Hands-On Application Penetration Testing with Burp Suite book, you will be able to effectively perform end-to-end penetration testing with Burp Suite.