Web Application Security testing is a specialized process in security testing and Burp Suite of tools provides a set of tools which work together to support the end to end security testing process. It allows a security tester from initial mapping and analysis of an application’s attack surface through to finding and exploiting security vulnerabilities
Burp Suite supports both manual and automated security testing. The key components within the Burp Suite includes the following:
- An intercepting proxy, which lets you inspect and modify traffic between your browser and the target application.
- An application-aware spider, for crawling content and functionality.
- An advanced web application scanner, for automating the detection of numerous types of vulnerability.
- An intruder tool, for performing powerful customized attacks to find and exploit unusual vulnerabilities.
- A repeater tool, for manipulating and resending individual requests.
- A sequencer tool, for testing the randomness of session tokens.
- The ability to save your work and resume working later.
- Extensibility, allowing you to easily write your own plugins, to perform complex and highly customized tasks within Burp.
Try it yourself to how the tool is shaped up in performing the web application security testing.
To download Burp Suite click here. It comes in two versions, one free and the other one commercial. Choose the version based on your Web Application Security testing needs