Practical Web Penetration Testing

Visualizing the application structure using Burp Target 

In the previous section, you saw how an application can be mapped using the Target tab in Burp. In this section, I want you to learn how Burp Target works (in a simplified way) so that you can manage the workflow when you're doing your pen tests.

The Burp Target tool offers you the following functionalities (I will only list the important ones):

  1. Visualize the application structure using the Site Map tab.
  2. Define the scope of your target website using Add To Scope.
  3. Spider the web application to discover more content using Spider this branch.
  4. Search for hidden content using the Discover Content functionality.
  5. Conduct a passive scan, using Passively Scan this branch to identify some vulnerabilities.
  6. List comments, scripts, and references by using the Engagement Tools menu.
  7. Analyze the web application target to identify all of the dynamic URLs and parameters by using Analyze Target.
  8. Send web requests to another tool tab (for example, Repeater, Sequencer, Decoder, Comparer, and Intruder).
  9. Conduct a full web application vulnerability scan using Actively scan this branch.
  10. Save the reports by branch using Issues/Report issues for this branch.

As you may have realized, the Target tab is your dashboard for everything that you want to initiate using Burp, and you will spend much of your time in this tab. Looking at the preceding screenshot, you can see, in the middle section (under Contents), all of the web requests and responses exchanged with the application, ready for further analysis. On the right-hand side of the screen, Burp lists the Issues it has found, each with an Advisory on how to fix the flaw. Amazing, right?
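To make items 1, 2 and 7 of the list concrete, here is an added example (mine, not the book's and not Burp's own code) that rebuilds the core of the Site Map and Analyze Target features in a few dozen lines: it filters captured URLs by a scope, builds the directory tree and reports the parameters of every dynamic URL. The URLs and the `target.example` host are constructed sample data.

```python
# Added example (not from the book): a minimal stand-in for what Burp's
# Site Map and "Analyze Target" do: keep the captured URLs that are in
# scope, build a directory tree and list the parameters of each dynamic URL.
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit
# Constructed sample of URLs as they might appear in the proxy history.
CAPTURED_URLS = [
    "https://target.example/",
    "https://target.example/login?next=/account",
    "https://target.example/account/profile?id=42",
    "https://target.example/account/profile?id=43&tab=orders",
    "https://target.example/static/app.js",
    "https://cdn.example/lib/jquery.js",  # third party, out of scope
    "https://target.example/search?q=test&page=2",
]
SCOPE_HOSTS = {"target.example"}  # the equivalent of "Add To Scope"

def in_scope(url, scope_hosts=SCOPE_HOSTS):
    return urlsplit(url).hostname in scope_hosts

def build_site_map(urls, scope_hosts=SCOPE_HOSTS):
    """Return (tree, params). tree maps a path to its child names;
    params maps a path to the set of query parameter names seen on it."""
    tree, params = defaultdict(set), defaultdict(set)
    for url in urls:
        if not in_scope(url, scope_hosts):
            continue  # Burp hides out-of-scope items from the Site Map
        parts = urlsplit(url)
        path = "/"
        for seg in [s for s in parts.path.split("/") if s]:
            tree[path].add(seg)
            path = path.rstrip("/") + "/" + seg
        tree.setdefault(path, set())  # leaf with no children yet
        for name, _ in parse_qsl(parts.query, keep_blank_values=True):
            params[path].add(name)
    return dict(tree), dict(params)

def dynamic_endpoints(params):
    """Paths that take at least one parameter (Burp's 'dynamic URLs')."""
    return sorted(p for p, names in params.items() if names)

def print_site_map(tree, params, path="/", depth=0):
    """Indented tree like the Site Map pane, with parameters after '?'."""
    label = path if depth == 0 else path.rsplit("/", 1)[-1]
    query = "  ?" + ",".join(sorted(params[path])) if path in params else ""
    print("  " * depth + label + query)
    for child in sorted(tree.get(path, ())):
        print_site_map(tree, params, path.rstrip("/") + "/" + child, depth + 1)
if __name__ == "__main__":
    tree, params = build_site_map(CAPTURED_URLS)
    print_site_map(tree, params)
```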