Burp Suite: A Must-Have Tool for Any Security Professional

-By Ankit Mukherjee

Burp Suite is a term that many people who do not work closely with web security will not have come across, so let us start from the basics. Burp Suite is a web application security testing tool (made by PortSwigger) that sits between your browser and the target website, records the HTTP traffic, and helps you find security vulnerabilities in that website. Fixing them is still the developers' job, but Burp gives you the evidence to report.

The application can do a great deal, but let us begin with the most basic part, the one you use before you look for any vulnerabilities: the Proxy tab.

[Image: Burp Suite Proxy tab showing the HTTP history for a visit to amazon.com]

As the image above shows, I have visited amazon.com. Under the Proxy tab there are three sub-tabs (Intercept, HTTP history and WebSockets history), and every request and response that passed through the proxy is recorded in the HTTP history tab, including the URLs of any redirects to other endpoints.

If we open any entry in the history, we see that the request and the response each carry headers with values. These headers are not decoration: they tell the server and the browser how to handle the message (which host is addressed, what content type is being sent, which cookies identify our session), and they go into deciding what is displayed to us.

The inputs a request carries are its parameters. In a GET request, which asks the server for a page or resource, the parameters travel in the query string of the URL (the part after the ?) and should not change anything on the server. A POST request sends its data in the request body and is normally used for anything that changes the state of the application, such as submitting a form or logging in (for easy understanding: GET reads, POST changes). In the history you will see a lot of both. This is only a brief and general overview of the two request types, enough to follow the rest of the post.

Now, how does this help us find vulnerabilities? Before hitting any target we must analyze it. By looking at which parameters each request takes and what response comes back, we build a picture of how the backend works: which parameters are reflected, which are trusted, which change state. The same request/response view also points at candidate vulnerability classes. For example, if a request body is XML, the endpoint may be vulnerable to XXE (XML external entity) injection, where a parser that resolves external entities in attacker-supplied XML can be made to read files on the server or make requests on the server's behalf.
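The first thing a tester does with an entry in HTTP history is exactly this: split the request into method, path, query parameters, headers and body parameters, and list every input the client controls. The script below does that for two captured requests. It is an added example and not code from the original article; the two raw requests, the host shop.example, the paths and the parameter names are all constructed for illustration.

```python
"""Parse raw HTTP requests of the kind Burp's Proxy shows in HTTP history.

Added example; not code from the original article. The two captured
requests below are constructed for illustration; the host, paths and
parameter names are hypothetical.
"""
from urllib.parse import parse_qs, urlsplit

# Constructed sample: a GET whose inputs live in the query string.
RAW_GET = (
    "GET /search?q=laptop&page=2 HTTP/1.1\r\n"
    "Host: shop.example\r\n"
    "Cookie: session=abc123\r\n"
    "\r\n"
)

# Constructed sample: a form POST whose inputs live in the body.
RAW_POST = (
    "POST /otp/send HTTP/1.1\r\n"
    "Host: shop.example\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "Content-Length: 23\r\n"
    "\r\n"
    "mobile=9999999999&cc=91"
)


def parse_request(raw: str) -> dict:
    """Split a raw request into method, path, version, headers, query and body parameters."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, version = request_line.split(" ", 2)
    parts = urlsplit(target)

    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()

    # parse_qs returns lists; keep the first value per name, as Burp's table does.
    query = {k: v[0] for k, v in parse_qs(parts.query, keep_blank_values=True).items()}

    body_params = {}
    if body and headers.get("content-type", "").startswith("application/x-www-form-urlencoded"):
        body_params = {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}

    return {
        "method": method,
        "path": parts.path,
        "version": version,
        "headers": headers,
        "query": query,
        "body": body_params,
    }


def inputs_to_test(req: dict) -> list[str]:
    """Names of every attacker-controllable input: query params, body params, cookies."""
    names = [f"query:{k}" for k in req["query"]]
    names += [f"body:{k}" for k in req["body"]]
    for part in req["headers"].get("cookie", "").split(";"):
        if "=" in part:
            names.append("cookie:" + part.split("=", 1)[0].strip())
    return names


if __name__ == "__main__":
    for raw in (RAW_GET, RAW_POST):
        req = parse_request(raw)
        print(req["method"], req["path"], "->", inputs_to_test(req))
```

Every name that `inputs_to_test` returns is a place where the server trusts something the client sent, which is the list you work through in Repeater and Intruder.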

Let us dig a little deeper. Beside the Proxy tab there is a tab called Intruder. It sends many variations of one request to the server automatically, with a list of payloads substituted into marked positions; the most common use is brute-forcing usernames or passwords, but the same mechanism works for fuzzing any parameter. Burp Suite provides the tools needed to take a web application apart piece by piece, and Intruder is one of them: once you understand how positions and payload lists work, it does the repetitive work for you. It is loosely comparable to John the Ripper or aircrack-ng on Kali Linux, with one important difference: those crack captured hashes or handshakes offline, whereas Intruder sends every guess to the live target, so it is slowed down by the server (and throttled in the Community Edition) and visible in the server's logs.

Burp Suite provides various other tools for deeper scanning and testing of web applications. Most of them, such as the automated Scanner, are only in Burp Suite Professional, which is a paid version; I mostly use the Community Edition, which is free to use. The threats a particular website is vulnerable to have to be identified, and once identified they need to be analysed and fixed; the Professional edition makes the identification and analysis part fast and efficient.

Let us look at an example. I went to a website called makemytrip.com; for understanding purposes we will look at the requests, the responses and the pages rendered as a result, as follows.

[Image: makemytrip.com page where a mobile number is submitted]

Now let us look at the request and response generated when we submit a fake mobile number. Follow these steps:

  1. Go to the HTTP history tab under Proxy and find the POST request that carries the mobile number and changes the state of the page.
  2. Right-click on the request and send it to Repeater, so that we can see which endpoint is hit when we submit the form, modify the request and resend it, and analyse the potential threats.

[Image: the captured POST request and its response in Repeater]

Here I provided a random phone number, and as the POST request and its response show, the success message is displayed even though the number is wrong. That is a small bug in itself: the page reports success without the server having verified the number. It also shows how people with malicious intent work: with the request in Repeater they can craft false requests with any number they like, and an endpoint that sends a message or link to an unverified number can even be abused for phishing.
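The Repeater walkthrough above and the Intruder section earlier are the same loop at different scales: substitute a value into a captured request, send it, compare the response. The script below does both against an in-process mock of an "OTP send" endpoint, so nothing leaves your machine. It is an added example and not code from the article; the mock's behaviour (accepting any 10-digit string without checking that the number is real) is an assumption chosen to mirror the observation above, not a finding about any real site, and the request template and payload list are constructed.

```python
"""Replay a captured request with substituted values, the way Burp's Repeater
(one request at a time) and Intruder (a payload list in a marked position) do.

Added example; not code from the article. The target is a constructed
in-process mock; its behaviour is an assumption made for illustration.
"""
import re
from collections import Counter
from typing import Callable

# Intruder marks a payload position with section signs: §...§.
TEMPLATE = "mobile=§9999999999§&cc=91"

# Constructed payload list: some plausible numbers, some malformed ones.
PAYLOADS = ["9999999999", "0000000000", "1234567890", "123", "abcdefghij"]


def mock_otp_endpoint(body: str) -> tuple[int, str]:
    """Constructed mock server (assumption). It 'sends' an OTP to any 10-digit
    string without checking that the number exists, which is the weakness
    the article describes."""
    m = re.search(r"mobile=(\d+)", body)
    if not m:
        return 400, "missing mobile"
    if len(m.group(1)) != 10:
        return 422, "invalid mobile"
    return 200, "OTP sent to your mobile number"


def repeat(template: str, value: str) -> str:
    """Repeater step: substitute one value into the marked position."""
    return re.sub(r"§[^§]*§", value, template, count=1)


def sniper(template: str, payloads: list[str],
           send: Callable[[str], tuple[int, str]]) -> list[dict]:
    """Intruder 'Sniper' attack: one position, one payload per request;
    record status and response length for each, as Intruder's results table does."""
    results = []
    for p in payloads:
        status, body = send(repeat(template, p))
        results.append({"payload": p, "status": status, "length": len(body)})
    return results


def deviations(results: list[dict]) -> list[dict]:
    """Responses whose (status, length) differs from the most common pair.
    Identical success responses for every well-formed number are a finding
    in themselves: the server is not verifying the number."""
    key = lambda r: (r["status"], r["length"])
    baseline, _ = Counter(key(r) for r in results).most_common(1)[0]
    return [r for r in results if key(r) != baseline]


if __name__ == "__main__":
    # Repeater-style single resend with a fake number.
    print(mock_otp_endpoint(repeat(TEMPLATE, "0000000000")))
    # Intruder-style run over the payload list.
    results = sniper(TEMPLATE, PAYLOADS, mock_otp_endpoint)
    for r in results:
        print(r)
    print("deviations:", deviations(results))
```

Only the malformed payloads stand out; every well-formed number gets the same 200 response, which is what you would see in Intruder's results table for an endpoint that sends messages to unverified numbers.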

Conclusion

To conclude: we went through a couple of examples and saw how important it is to identify requests and responses and to read and inspect them thoroughly. We also covered how the main tools within Burp Suite (Proxy, Repeater and Intruder) are used. In the end it is our own responsibility to stay secure, and knowing how our applications look from the attacker's side helps us do that.

