- Hands-On Application Penetration Testing with Burp Suite
- Carlos A. Lozano Dhruv Shah Riyaz Ahemed Walikar
- 2021-07-02 12:16:37
Why Burp Suite Scanner?
Now that we have a basic understanding of how robust the Burp crawler is, it's time to understand why Burp Scanner is the go-to scanner for any pentest. Most traditional scanners fuzz the input fields, check the response, and determine whether there is a vulnerability. But what if the application has certain rules? What if it enforces a dynamic CSRF token for every request? What if it is a very dynamic application that serves different content for the same URL/page based on state? What if it invalidates the user's session on a malformed request? Worry not: Burp already handles these cases differently and understands the underlying logic, giving us an optimized scan.