Get full access to Hands-On Application Penetration Testing with Burp Suite and 60K+ other titles, with a free 10-day trial of O'Reilly.

There are also live events, courses curated by job role, and more.

Start your free trial

Configuring Burp Suite

Before starting an application penetration test, the system that will be used to attack the end application must be prepared. This involves configuring Burp Suite to become the interception proxy for various clients and traffic sources.

As with scoping for targets, it is important to reduce noise in the data we collect. We will use target whitelisting techniques, and work with the Burp Target feature to filter and reduce the clutter that testing modern applications can introduce.

Burp, or Burp Suite, is a graphical tool for testing web applications for security flaws. The tool is written in Java and was created by Dafydd Stuttard under the name of PortSwigger. Burp Suite is now actively developed by his company PortSwigger ...

Get Hands-On Application Penetration Testing with Burp Suite now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Don’t leave empty-handed

Get Mark Richards’s Software Architecture Patterns ebook to better understand how to design components—and how they should interact.

It’s yours, free.

Get it now

Check it out now on O’Reilly

Dive in for free with a 10-day trial of the O’Reilly learning platform—then explore all the other resources our members count on to build skills and solve problems every day.

Start your free trial Become a member now