This document has 163 pages in total.
Contents
Burp Suite Documentation 7
Getting Started 7
Launching Burp 8
Display Settings 8
Configuring Your Browser 8
The Basics of Using Burp 9
Using Burp Suite 9
Testing Workflow 10
Recon and Analysis 10
Tool Configuration 11
Burp Tools 11
Target 12
Using Burp Target 12
SiteMap 15
Target Information 15
Display Filter 15
Annotations 16
Scope 16
Proxy 17
Using Burp Proxy http, https 17
1) http 17
2) https 19
Intercept 19
1) Forward 19
2) Drop 19
3) Interception is on/off 19
4) Action 19
5) Comment field 20
6) Highlight 20
HTTP history 20
1) History Table 20
2) Display Filter 21
3) Annotations 22
WebSockets history 23
Options 23
1) Proxy Listeners 23
1) Interception Options 25
2) Response Modification 25
3) Match and Replace 25
4) SSL Pass Through 26
5) Miscellaneous 26
Spider 27
Using Burp Spider 27
Control tab 28
Spider Status 28
Spider Scope 29
Options tab 29
Crawler Settings 29
Passive Spidering (passive scanning) 30
Form Submission 31
Application Login 32
Spider Engine 32
Request Headers 33
Scanner 33
Using Burp Scanner 33
Results 35
Report selected issues 36
Delete selected issues 36
Scan Queue 36
Show details 37
Scan again 37
Delete item(s) 37
Delete finished items 37
Automatically delete finished items 37
Pause/resume scanner 37
Send to 37
Live Scanning 38
Live active scanning 38
Live Passive Scanning 38
Options 39
Attack Insertion Points 39
Active Scanning Engine 41
Active Scanning Optimization 42
Active Scanning Areas 42
Passive Scanning Areas 43
Intruder 44
Using Burp Intruder 46
Target 50
Positions 50
Request Template 50
Payload Markers 50
Attack type 51
Payloads 53
Types 53
Processing 54
Options 56
Request Headers 56
Request Engine 56
Attack Results 57
Grep-Match 57
Grep-Extract 57
Grep-Payloads 58
Redirections 59
Attacks 59
Launching an Attack 59
Result Tab 60
Attack configuration Tabs 61
Result Menus 61
Repeater 62
Using Burp Repeater 62
Issuing Requests 63
Request History