Burp Suite Cookbook: Web application security made easy with Burp Suite, 2nd Edition

14 لېندۍ 1402 آی ټی او سافټویر 40

Burp Suite Cookbook.jpeg

Burp Suite Cookbook کتاب 

برپ سویټ د جاوا پلیټ فارم پراساس یو سافټویر دی چې په پراخه کچه د شرکتونو او متخصصینو لخوا د ویب غوښتنلیکونو امنیت ازموینې ، ننګونو سره معامله کولو ، په ویب غوښتنلیکونو کې د زیانونو معلومولو او چیک کولو لپاره کارول کیږي. په دې کتاب کې، تاسو ته به درس درکړل شي چې څنګه د پیچلو چاپیریالونو لپاره د مختلفو ازموینو سره، د امنیت نیمګړتیاوې کشف کړئ.

د کتاب ډاونلوډ لینک


Date: 2023
Pages: 450
Edition: 2
Format: PDF
Language: English
Publisher: Packt Publishing
ISBN-10: 183508107X
ISBN-13: 9781835081075

Key Features

  • Set up and optimize Burp Suite to maximize its effectiveness in web application security testing
  • Explore how Burp Suite can be used to execute various OWASP test cases
  • Get to grips with the essential features and functionalities of Burp Suite
  • Purchase of the print or Kindle book includes a free PDF eBook

Book Description

With its many features, easy-to-use interface, and fl exibility, Burp Suite is the top choice for professionals looking to strengthen web application and API security.

This book off ers solutions to challenges related to identifying, testing, and exploiting vulnerabilities in web applications and APIs. It provides guidance on identifying security weaknesses in diverse environments by using diff erent test cases. Once you’ve learned how to confi gure Burp Suite, the book will demonstrate the eff ective utilization of its tools, such as Live tasks, Scanner, Intruder, Repeater, and Decoder, enabling you to evaluate the security vulnerability of target applications. Additionally, you’ll explore various Burp extensions and the latest features of Burp Suite, including DOM Invader.

By the end of this book, you’ll have acquired the skills needed to confi dently use Burp Suite to conduct comprehensive security assessments of web applications and APIs.

What you will learn

  • Perform a wide range of tests, including authentication, authorization, business logic, data validation, and client-side attacks
  • Use Burp Suite to execute OWASP test cases focused on session management
  • Conduct Server-Side Request Forgery (SSRF) attacks with Burp Suite
  • Execute XML External Entity (XXE) attacks and perform Remote Code Execution (RCE) using Burp Suite’s functionalities
  • Use Burp to help determine security posture of applications using GraphQL
  • Perform various attacks against JSON Web Tokens (JWTs)

Who this book is for

If you are a beginner- or intermediate-level web security enthusiast, penetration tester, or security consultant preparing to test the security posture of your applications and APIs, this is the book for you.

Table of Contents

  1. Getting Started with Burp Suite
  2. Getting to Know the Burp Suite of Tools
  3. Configuring, Crawling, Auditing, and Reporting with Burp
  4. Assessing Authentication Schemes
  5. Assessing Authorization Checks
  6. Assessing Session Management Mechanisms
  7. Assessing Business Logic
  8. Evaluating Input Validation Checks
  9. Attacking the Client
  10. Working with Burp Suite Macros and Extensions
  11. Implementing Advanced Topic Attacks