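Burp Suite is a graphical tool for testing the security of web applications. It is written in Java and developed by PortSwigger Web Security. The tool comes in three editions: a Community edition that can be downloaded for free, a Professional edition, and an Enterprise edition that can be purchased after a trial. The Community edition has greatly reduced functionality. Burp Suite was developed to provide a comprehensive solution for web application security checks. In addition to basic functions such as the proxy server, Scanner and Intruder, the tool also includes more advanced options such as Spider, Repeater, Decoder, Comparer, Extender and Sequencer.
Burp Suite is an integrated platform for attacking web applications. From the most basic mapping and analysis of an application's attack surface through to finding and exploiting security vulnerabilities, Burp Suite allows an attacker to combine manual and automated techniques to enumerate, analyze and attack web applications. The different Burp tools work together and share information effectively, so that information gathered in one tool can serve as the basis for an attack launched with another. All of the tools share one robust framework that handles and displays HTTP messages, persistence, authentication, proxying, logging and alerting.
Features
Proxy: runs Burp as a web proxy that sits between the browser and the target web server.
This lets you use Burp to intercept, inspect and modify HTTP content passing in both directions.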
The system requirements for Burp Suite are largely dependent on your intended use for the software. While you can generally perform most tasks on a relatively low-spec machine, some use cases (for example, running multiple scans concurrently) may require significantly more power to run without a noticeable effect on performance.
CPU cores / memory
Minimum: 2x cores, 4GB RAM – This spec is suitable for basic tasks such as proxying web traffic and simple Intruder attacks. While Burp Suite may run on a machine with a lower specification than this, we do not recommend doing so for performance reasons.
Recommended: 2x cores, 16GB RAM – This is a good general-purpose spec.
Advanced: 4x cores, 32GB RAM – This spec is suitable for more intensive tasks, such as complex Intruder attacks or large automated scans.
Free disk space
Basic installation: 1GB
Per project file: 2GB
Note:
While 2GB is the recommended minimum free disk space for a project, note that project files can get significantly larger than this (potentially up to many tens of GB), depending on factors such as the amount of proxy history included, the number of scans run, and the number of Repeater tabs open.
Operating system and architecture
Burp Suite supports the latest versions of the following operating systems:
Windows (Intel 64-bit)
Linux (Intel and ARM 64-bit)
OS X (Intel 64-bit and Apple M1)
Note:
Burp Suite’s embedded browser is not compatible with older versions of Windows, including Windows 7, Windows 8/8.1, Windows Server 2012, and Windows Server 2012 R2.