What is Burp Suite?
Burp, or Burp Suite, is a set of tools used for penetration testing of web applications. It is developed by the company PortSwigger, which is also the alias of its founder, Dafydd Stuttard. Burp Suite aims to be an all-in-one set of tools, and its capabilities can be enhanced by installing add-ons called BApps. It is the most popular tool among professional web app security researchers and bug bounty hunters. Its ease of use makes it a more suitable choice over free alternatives like OWASP ZAP. Burp Suite is available as a community edition, which is free, a professional edition that costs $399/year and an enterprise edition that costs $3999/year. This article gives a brief introduction to the tools offered by Burp Suite. If you are a complete beginner in Web Application Pentest/Web App Hacking/Bug Bounty, we would recommend you to just read through without thinking too much about a term....
How to Set Up Burp Suite for Bug Bounty or Web Application Penetration Testing?
Burp Suite is a set of tools for penetration testing the security of web-based applications. It comes as an all-in-one tool and is well known for its usability. Setting up Burp for penetration testing of web applications is very straightforward....
API Keys and their security
After so much discussion about API keys and OAuth credentials, this article focuses on which one is better from a security and privacy point of view. But before proceeding further, let’s first recall what authentication and authorization mean....
How To Install Ngrok & Set Up the Auth-Token on Linux?
Ngrok is a tool that allows you to create a secure tunnel from a public endpoint to a locally running web service on your machine. In simpler terms, ngrok lets you expose a web server running on your local machine to the internet, so others can access what you are running locally....
What is Cyber Threat Intelligence?
Cyber threat intelligence (CTI) refers to the process of collecting, analyzing, and interpreting data and information about potential or actual cyber threats to identify their nature, scope, and potential impact....
Zero Security Model
Pre-requisites: Cyber Security...
Difference Between Red Team and Blue Team in Cyber Security
Pre-requisites: Cyber Security...
How Do Multiple IP Addresses Work in Ethical Hacking?
In ethical hacking, multiple IP addresses are often used to hide the true identity of the hacker and make it more difficult to trace the source of an attack...
What is Mydoom?
Malware is a type of software that is designed to damage or disable computers and computer systems. Malware includes viruses, worms, Trojans, and other malicious code that is typically installed without the user’s knowledge or consent. Once installed, malware can cause a variety of problems, including slowing down the computer, displaying unwanted or intrusive advertising, or even stealing personal information....
Steps of Playing VoIP Calls in Wireshark
You can use Wireshark to play any codec that an installed plugin supports. You can save decoded audio in the .au file format using Wireshark. Before version 3.2.0 it only supported saving audio using the G.711 codec; starting with 3.2.0, it supports saving audio using any codec with 8000 Hz sampling. RTP Player is the name of the VoIP call playback application. RTP streams and their waveforms are displayed, and the stream can be played and exported as audio or as a payload to a file. The supported codecs determine its capabilities. Depending on the Wireshark version you’re running, several codecs are supported. The custom/distribution builds may not have all the codecs maintained by the Wireshark developers, but the official builds do. Following are the steps to check your Wireshark:...
SNMP Users Table in Wireshark
Simple Network Management Protocol (SNMP) is an Internet Standard protocol used to gather and organize information about managed devices, and to monitor and manage the exchange of information between managed devices on IP networks....
Protobuf UDP Message and its Types in Wireshark
The Protobuf UDP Message Type table in Wireshark is used to parse the data on the specified UDP ports: when the UDP payload on those ports includes Protobuf encoding(s), Wireshark uses this table to determine the type of Protobuf message. The “User Table” consists of the following fields, which hold the configuration that maps UDP port(s) to Protobuf message types....