The Burp Repeater is a very powerful tool within Burp Suite. It allows pentesters to repeat requests through Burp Proxy, modifying, manipulating, and re-running them. It is a tool that one cannot live without if they are into web app security testing with Burp Suite, so being familiar with it is important.

What is the use of Burp Repeater?

Burp Repeater essentially allows repeating the requests intercepted by Burp Suite, i.e., editing, modifying, and resending them. This is useful when a user needs to review specific HTTP requests instead of using Proxy, which allows the user to Forward or Drop requests. Thus, it is extremely useful whenever one needs to manipulate intercepted requests later to analyze them further.

Tackling a huge number of Repeater tabs

While working with larger targets, it is not unusual to have a large number (500-600) of Repeater tabs open during an engagement. But the question is how to manage them and not get overwhelmed when one must deal with such situations. There may be hundreds of API endpoints in a large target, and not all of them are documented, so Repeater becomes a good way to keep track of them and log all test cases after intercepting them in Burp.

[Screenshot of many Burp Suite Repeater tabs. Source: on Twitter]

The screenshot above might look scary for some. Often one needs to keep track of several targets or, worse, multiple engagements in Repeater. This is quite challenging to deal with, but smartly naming Repeater tabs can make the process more efficient. Also, naming Repeater tabs can be a way to prioritize some requests over the rest, as often most of these end up being useless except a few interesting ones. Please do not end up naming every tab, but try to prioritize and sensibly name them. For example, one can structure the name based on the target company (ACME), the API (Admin API), and the part of the API they are testing: ACME - Admin API / Add User. Use keyboard shortcuts to speed things up wherever possible (as described in the next section of the post).