Burp Suite, developed by PortSwigger, is the industry-standard platform for web application security testing. It combines a proxy, request editor, scanner, and a range of supporting utilities used by virtually every working web application penetration tester.
A duplicate page note
This article duplicates the main Burp Suite glossary entry. Use the canonical version above for the full description of components, editions, workflow, and certification. The two pages will be consolidated.
Quick reference
Burp Suite is used to (1) intercept and modify HTTP traffic between a browser and a target application; (2) replay and fuzz individual requests for manual probing; (3) automate parameterised attacks across many requests; (4) run passive and active vulnerability scans (Professional edition only). Free Community edition is sufficient for learning; serious testing requires the Professional licence.
Related terms
See also: Burp Suite (main entry), web application penetration testing, and SQL injection.
Leave a Reply