HTTP cookies often control critical website features, but their long and convoluted history exposes them to parser discrepancy vulnerabilities. In this post, I'll explore some dangerous, lesser-known ...

If you need to use an external browser with Burp instead of Burp's preconfigured Chromium browser, perform the following configuration steps. For the vast majority of users, this process is not ...

Burp Suite is a comprehensive suite of tools for web application security testing. This interactive tutorial is designed to get you started with the core features of Burp Suite as quickly as possible.

You need to configure Firefox so that you can use it for testing with Burp Suite.

You can set the type of payload that you want to inject into the base request. Burp Intruder provides a range of options for auto-generating different types of ...

Blind SQL injection occurs when an application is vulnerable to SQL injection, but its HTTP responses do not contain the results of the relevant SQL query or the details of any database errors. Many ...

You can configure payload processing rules so that Burp Intruder modifies payloads before it inserts them into the request. This is useful for a variety of purposes, such as when you need to: Generate ...

Burp Suite contains a wealth of features and capabilities to support manual and automated security testing. Use the links below for more information: Like any security testing software, Burp Suite ...

Before attempting to install Burp's CA certificate, make sure that you have successfully confirmed that the proxy listener is active and have configured your browser ...

Many servers now support HTTP/2. This exposes them to potential vulnerabilities that are impossible to test for using tools that only speak HTTP/1. Burp Suite provides unrivaled support for ...

You can use the HTTP history to see a record of the HTTP traffic that has passed through Burp Proxy. You can also see any modifications that you made to intercepted messages. Hide columns - ...

Macros are made up of requests taken from the Proxy history. The first step in adding a macro is to select these requests. To do so: The macro editor displays an editable list of items in the macro.