Burp Suite Web Application Testing

Purpose

Execute comprehensive web application security testing using Burp Suite's integrated toolset, including HTTP traffic interception and modification, request analysis and replay, automated vulnerability scanning, and manual testing workflows. This skill enables systematic discovery and exploitation of web application vulnerabilities through proxy-based testing methodology.

Inputs / Prerequisites

🧠 Knowledge Modules (Fractal Skills)

1. Required Tools

2. Environment Setup

3. Editions Comparison

4. Primary Outputs

5. Phase 1: Intercepting HTTP Traffic

6. Phase 2: Modifying Requests

7. Phase 3: Setting Target Scope

8. Phase 4: Using Burp Repeater

9. Phase 5: Running Automated Scans

10. Phase 6: Intruder Attacks

11. Keyboard Shortcuts

12. Common Testing Payloads

13. Request Modification Tips

14. Operational Boundaries

15. Technical Limitations

16. Best Practices

17. Example 1: Business Logic Testing

18. Example 2: Authentication Bypass

19. Example 3: Information Disclosure

20. Browser Not Connecting Through Proxy

21. HTTPS Interception Failing

22. Slow Performance

23. Requests Not Being Intercepted