Java集成攻击平台 Burp Suite
openkk 13年前
<div id="p_fullcontent" class="detail"> <p>Burp Suite是一个Web应用程序集成攻击平台,它包含了一系列burp工具,这些工具之间有大量接口可以互相通信,这样设计的目的是为了促进和提高整个攻 击的效率。平台中所有工具共享同一robust框架,以便统一处理HTTP请求,持久性,认证,上游代理,日志记录,报警和可扩展性。 Burp Suite允许攻击者结合手工和自动技术去枚举、分析、攻击Web应用程序。这些不同的burp工具通过协同工作,有效的分享信息,支持以某种工具中的信 息为基础供另一种工具使用的方式发起攻击。</p> <p>Burp Suite包含以下关键组件:</p> <ul> <li>An intercepting <strong><a href="/misc/goto?guid=4958194026339017800">proxy</a></strong>, which lets you inspect and modify traffic between your browser and the target application.</li> <li>An application-aware <strong><a href="/misc/goto?guid=4958194027079766593">spider</a></strong>, for crawling content and functionality.</li> <li>An advanced web application <strong><a href="/misc/goto?guid=4958194027823847339">scanner</a></strong>, for automating the detection of numerous types of vulnerability.</li> <li>An <strong><a href="/misc/goto?guid=4958194028556718839">intruder</a></strong> tool, for performing powerful customized attacks to find and exploit unusual vulnerabilities.</li> <li>A <strong><a href="/misc/goto?guid=4958194029288043781">repeater</a></strong> tool, for manipulating and resending individual requests.</li> <li>A <strong><a href="/misc/goto?guid=4958194030027749807">sequencer</a></strong> tool, for testing the randomness of session tokens.</li> <li>The ability to <strong><a href="/misc/goto?guid=4958194030769772066">save your work</a></strong> and resume working later.</li> <li><strong><a href="/misc/goto?guid=4958194031503095450">Extensibility</a></strong>, allowing you to easily write your own plugins, to perform complex and highly customized tasks within Burp.</li> </ul> <p> </p> <p><img style="width:571px;height:381px;" title="18082701_w2v9.png" border="0" alt="18082701_w2v9.png" src="https://simg.open-open.com/show/f1931b0599586a05bc56bda01362f2a7.png" /><br /> <br /> <span style="font-weight:bold;">项目地址</span>:<a href="/misc/goto?guid=4958194032231616845" target="_blank">http://portswigger.net/burp/</a></p> </div>