Burp Suite is an integrated platform for performing security
testing of web applications. Its various tools work seamlessly together to
support the entire testing process, from initial mapping and analysis of an
application's attack surface, through to finding and exploiting security
vulnerabilities.
Burp gives you full control, letting you combine advanced manual techniques
with state-of-the-art automation, to make your work faster, more effective, and
more fun.
Burp Suite contains the following key components:
- An intercepting proxy, which lets
you inspect and modify traffic between your browser and the target application.
- An application-aware spider, for
crawling content and functionality.
- An advanced web application scanner,
for automating the detection of numerous types of vulnerability.
- An intruder tool, for
performing powerful customized attacks to find and exploit unusual
vulnerabilities.
- A repeater tool, for
manipulating and resending individual requests.
- A sequencer tool, for testing
the randomness of session tokens.
- The ability to save your work
and resume working later.
- Extensibility, allowing you to
easily write your own plugins, to perform complex and highly customized tasks
within Burp.
Burp is easy to use and intuitive, allowing new users to begin working right
away. Burp is also highly configurable, and contains numerous powerful features
to assist the most experienced testers with their work.