Burp proxy
Burp proxy is an interactive HTTP/S proxy server for attacking Web-enabled applications. It operates as a man-in-the-middle between the end browser and the target Web server, and allows the attacker to intercept, inspect, and modify the raw traffic passing in both directions. Text and hex editing may be performed on intercepted traffic. Downstream proxies are supported. Authentication may be done to downstream proxy and Web servers, using basic, NTLM, or digest authentication types.
| Tags | Software Development Testing Security Internet Proxy Servers |
|---|---|
| Operating Systems | OS Independent |
| Implementation | Java |
Recent releases
- 22 Dec 2007 00:11
Changes: This release is geared towards usability enhancements and new features: better analysis and rendering of HTTP requests and responses, support for custom client and server SSL certificates, new interception and match/replace rules, and more. It is fully integrated with the other new Burp Suite tools.
- 13 Aug 2005 04:09
Changes: A number of minor bugs were fixed.
- 29 Jul 2005 14:24
Changes: Various new features have been added. Fine-grained rules can be configured governing interception of requests and responses. A regex-based search and highlight function has been added to all text panes. A tabular view is now available to display and edit all request parameters. Burp proxy is now extensible via the IBurpExtender interface. A facility to automatically toggle GET/POST request type and correctly relocate parameters has been added. Optional persistent preferences across program launches have been implemented.
- 05 May 2004 18:17
Changes: Configurable timeouts have been added for different types of HTTP transfers, to help with very slow Web sites. Some minor bugs have been fixed.
- 07 Apr 2004 08:29
Changes: A bug was fixed which caused client-side socket timeouts when browsing very slow sites. Failed rDNS lookups are no longer repeated, which considerably improves performance when browsing unresolvable numerical addresses. The history table now shows full details of cookies set. Some unnecessary rewriting of HTTP response headers was eliminated.
- All comments
Recent commentsWhat a cracking tool - highly recommended
This is excellent - a quality tool - I've tried quite a few, but so far this is the one. Anyone else got anything they would recommend above this? (Assuming you've tried Burp'ing)
Thanks "portswigger", keep up the good work.