introduction · burpsuite practice guide

Posted by punzalan at 2020-03-18


When I first came into contact with web security, I was eager to find an integrated penetration testing tool. I finally chose burp suite. In addition to its powerful functions, it is also easy to use and use. So I downloaded a cracked version from the Internet to use. I remember it was version 1.2 at that time, and its function is not as powerful as it is now. In the process of using, it is found that there are too few books about burpseuite on the Internet, most of which are sporadic and fragmentary, not systematic. Later, a lot of videos about burpseuite appeared slowly, and the status quo is getting better and better. But every time I encounter unknown problems, I still have to search the official documents and English web pages of burpsuite to solve the problems. It is these problems that slowly make me feel that it is necessary to organize a comprehensive Chinese course of burpsuite, which is a modest effort for the web security community. This series of articles you see now are also available.

I chose the common name of the books in the IT industry: "the practical guide of burpsuse". You can call me the Chinese writer. The content of the article mainly comes from the official documents of burpsuse and the experience summary of many foreign security bulls. I just compiled the current Chinese course based on their experience, understanding and practice. I have no plan to publish this book as a paper book. In the spirit of it people's Internet sharing, I put it in GitHub to make a free e-book. In the industry, it is a small contribution; in oneself, it is a summary and exercise.

The above is a small note.

Thank you for reading this book. If you find any mistakes during reading, please send an email to [email protected]. Thank you for your criticism and correction.

This book contains the following chapters:

Part I burp suite Foundation

Part II burp suite advanced

Part III comprehensive use of burp Suite