Burp Suite v1.2 Released – Web Application Security Testing & Attack Platform


Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, downstream proxies, logging, alerting and extensibility.

Burp Suite allows you to combine manual and automated techniques to enumerate, analyse, scan, attack and exploit web applications. The various Burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another (The tools are Proxy, Spider, Scanner, Intruder, Repeater, Sequencer, Decoder & Comparer).

Key features unique to Burp Suite include:

  • Detailed analysis and rendering of requests and responses.
  • One-click transfer of interesting requests between tools.
  • Ability to “passively” spider an application in a non-intrusive manner, with all requests originating from the user’s browser.
  • FIPS-compliant statistical analysis of session token randomness.
  • Utilities for decoding and comparing application data.
  • Support for custom client and server SSL certificates.
  • Extensibility via the IBurpExtender interface.
  • Centrally configured settings for downstream proxies, web and proxy authentication, and logging.
  • Tools can run in a single tabbed window, or be detached in individual windows.
  • Runs in both Linux and Windows.

New features in version 1.2 include:

  • Site map showing information accumulated about target applications in tree and table form.
  • Fully fledged web vulnerability scanner. [Pro version only]
  • Suite-level target scope configuration, driving numerous individual tool actions.
  • Display filters on site map and Proxy request history.
  • Ability to save and restore state. [Pro version only]
  • Suite-wide search function.
  • Support for invisible proxying.

Burp Suite is a Java application, and runs on any platform for which a Java Runtime Environment is available. It requires version 1.5 or later. The JRE can be obtained for free from java.sun.com.

You can download Burp Suite v1.2 here:

burpsuite_v1.2.zip

Or read more here.

Posted in: Hacking Tools, Networking Hacking Tools, Web Hacking

, , , , , ,


Latest Posts:


Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.


One Response to Burp Suite v1.2 Released – Web Application Security Testing & Attack Platform

  1. navin December 30, 2008 at 12:07 pm #

    “Support for invisible proxying” Not really…..I personally tested this out

    But I’m just happy we’re moving on frm the “retard mails” controversy

    and while I’m at it……. Happy New Year everyone!!

    May the new year bring with it, loads of exploits, bugs, RATS, Trojans, and Patch cycles

    cheers!!