Burp Suite Cookbook

Burp Suite is a Java-based platform for testing the security of your web applications, and has been adopted widely by professional enterprise testers.The Burp Suite Cookbook contains recipes to tackle challenges in determining and exploring vulnerabilities in web applications. You will learn how to uncover security flaws with various test cases for complex environments. After you have configured Burp for your environment, you will use Burp tools such as Spider, Scanner, Intruder, Repeater, and D

这是一本详细讲解如何使用Burp Suite进行Web应用安全测试的实用指南。本书从启动Burp Suite开始，逐步引导读者熟悉并掌握Burp Suite的各种功能，包括设置Burp信任HTTPS、使用OWASP虚拟机进行合法攻击、测试账户枚举和猜解账户、测试弱锁定机制、测试绕过身份验证方案、测试浏览器缓存弱点、测试Clickjacking、测试HTML injection、Setting the Target Site Map、创建session-handling macros、测试 for exposed session variables、Understanding Message Editor、Decoding with Decoder、添加great pentester plugins以及Repeating with Repeater等。 书中详细介绍了如何使用Burp Suite的Spider、Scanner、Intruder、Repeater、Decoder等工具进行Web应用安全测试，并提供了大量的实战案例和解决方案。这些案例和解决方案涵盖了Web应用安全测试的各个