Executing an Application Penetration Test

Now that we have learned how to configure and set up Burp Proxy across various platforms, we can begin an application pentest. Today, a pentest may be carried out for different purposes: it could be for a bug bounty, or it could be a fully-fledged assessment for a client. The initial approach is usually the same; ultimately, however, there is a huge difference. Bug bounty hunters aim to find one or a set of particular vulnerabilities that could have severe consequences if exploited, so they can claim their bounty.

On the other hand, for a fully-fledged pentest, the job of the pentester does not stop there. The pentester has to perform a complete assessment and find the different possible flaws in the application, which requires a complete analysis of the application. In this chapter, we will first understand why the basic scan is not enough, and then learn the different capabilities supported by Burp and how it helps in carrying out a very effective pentest.

We will cover the following topics in this chapter:

  • Difference between a bug bounty and a client-initiated pentest
  • Initiating a penetration test
  • Why Burp Suite? Let's cover some groundwork!
  • Why Burp Suite Scanner?
