Burp Suite Professional is the web security tester’s toolkit of choice. Use it to automate repetitive testing tasks – then dig deeper with its expert-designed manual and semi-automated security testing tools. Burp Suite Professional can help you to test for OWASP Top 10 vulnerabilities – as well as the very latest hacking techniques.
Burp is easy to use and intuitive, allowing new users to begin working right away. Burp is also highly configurable, and contains numerous powerful features to assist the most experienced testers with their work
Key Features:
- An intercepting Proxy, which lets you inspect and modify traffic between your browser and the target application.
- An application-aware Spider, for crawling content and functionality.
- An advanced web application Scanner, for automating the detection of numerous types of vulnerability.
- An Intruder tool, for performing powerful customized attacks to find and exploit unusual vulnerabilities.
- A Repeater tool, for manipulating and resending individual requests.
- A Sequencer tool, for testing the randomness of session tokens.
- The ability to save your work and resume working later.
- Extensibility, allowing you to easily write your own plugins, to perform complex and highly customized tasks within Burp.
What’s new in version 2022.9.5
Updated on Nov 01 2022
Security patch:
- We have fixed an HTML injection vulnerability that could be triggered by attackers with direct access to the proxy listener. Note that the proxy listener only accepts connections from localhost by default. This issue was privately reported via our bug bounty program.
Browser upgrade:
- We have upgraded Burp’s browser to Chromium 107.0.5304.62, which fixes a number of high-severity security issues.
Bug fixes:
- Previously, you could still use the Collaborator client to generate payloads and poll manually even if the Collaborator was disabled in the project options. We have now amended this so that disabling the Collaborator disables all of the Collaborator client’s functions.
- We have fixed a bug whereby disabling the Collaborator did not stop the Collaborator client from polling for payloads that had already been created.
- We have fixed a bug whereby the Learn More link on the Collaborator client tab was pointing to an invalid URL.
- We have fixed a bug that prevented the crawler from handling links that are added to a page by JavaScript following a delay.
- We have fixed a bug whereby Burp Scanner was failing to find CSRF vulnerabilities on sites that return a 302 response when CSRF is exploited.
- We have fixed a bug whereby Repeater was not identifying streaming responses correctly, meaning that the affected responses would never complete.
- We have fixed a UI issue whereby checkboxes and radio buttons were not displaying correctly on the Extensions tab when using the Light display theme.
App requirements
- Intel 64
- OS X 10.11.0 or later
- Version for Apple Silicon
Also Download: Final Cut Pro 10.6.5 Mac Torrent
