BurpSuite for Pentester
A practical Burp Suite cheat sheet and learning guide designed to help bug bounty hunters and penetration testers efficiently discover web application vulnerabilities, from low severity (P4) to critical (P1).
This repository provides a structured reference for web application security testing, helping security researchers understand how to use Burp Suite's powerful features for intercepting traffic, analyzing requests, fuzzing parameters, and identifying vulnerabilities in modern web applications.
| # | Topic | Description | Article |
|---|---|---|---|
| 1 | Web Scanner & Crawler | Discover and scan web application endpoints automatically using Burp crawler and scanner | Read Article |
| 2 | Fuzzing with Intruder (Part 3) | Advanced fuzzing techniques using Burp Intruder for vulnerability discovery | Read Article |
| 3 | Fuzzing with Intruder (Part 2) | Intermediate fuzzing techniques using Burp Intruder | Read Article |
| 4 | Fuzzing with Intruder (Part 1) | Introduction to fuzzing attacks using Burp Intruder | Read Article |
| 5 | XSS Validator | Detect and validate Cross-Site Scripting vulnerabilities using Burp | Read Article |
| 6 | Configuring Proxy | Configure browser proxy settings to intercept traffic using Burp Suite | Read Article |
| 7 | Burp Collaborator | Detect out-of-band vulnerabilities such as SSRF and Blind XSS | Read Article |
| 8 | HackBar | Use HackBar extension to craft and test payloads quickly | Read Article |
| 9 | Burp Sequencer | Analyze randomness of session tokens and cookies | Read Article |
| 10 | Turbo Intruder | Perform high-speed fuzzing attacks using Turbo Intruder extension | Read Article |
| 11 | Engagement Tools | Explore Burp engagement tools for testing vulnerabilities | Read Article |
| 12 | Payload Processing Rule (Part 2) | Advanced payload manipulation techniques in Burp Intruder | Read Article |
| 13 | Payload Processing Rule (Part 1) | Introduction to payload processing rules in Burp Suite | Read Article |
| 14 | Burpsuite Payloads (Part 2) | Advanced payload generation techniques | Read Article |
| 15 | Burpsuite Payloads (Part 1) | Beginner guide to payload creation in Burp Intruder | Read Article |
| 16 | Encoder & Decoder | Encode and decode data formats like Base64, URL, and HTML | Read Article |
| 17 | Active Scan++ | Improve vulnerability detection using Active Scan++ extension | Read Article |
| 18 | Software Vulnerability Scanner | Automated scanning of web applications for security issues | Read Article |
| 19 | Project Management | Manage multiple pentesting projects inside Burp Suite | Read Article |
| 20 | Repeater | Manually modify and resend HTTP requests to test vulnerabilities | Read Article |
| 21 | Autorize | Detect authorization bypass vulnerabilities using Autorize extension | Read Article |