Burp Suite

What is it?

Along with ZAP, Burp Suite is a interception proxy. This allows the troubleshooting and testing of HTTP/s traffic. Although both are favored by security professionals as it includes methods of automated security testing and generation reports.

Exluded from Community Edition:

  • Burp Scanner, CSRF PoC Generator, Content discovery tool

  • Reports and saving/exporting results

  • Full use of Intruder (Community is heavily throttled)


  • Burp Scanner

    • Passive or Active

  • CSRF PoC

  • Intruder

    • Fuzzing or Dictionary attack

  • Decoder


How to Burp Good: https://www.n00py.io/2017/10/how-to-burp-good/

Last updated