Burp Suite Pro v1.3.02 released

Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, downstream proxies, logging, alerting and extensibility.

This release fixes a few minor bugs arising from version v1.3.01.

It also adds a facility to customise the preset payload lists that are included with Burp Intruder, and which are accessible via the "add from list" drop-down for various payload types. You can specify your own directory to hold payload lists, and these will automatically appear in the drop-down within Burp.

GIF - 1.8 kb

To access this feature, choose "configure preset payload lists" from the Intruder menu:

You can use the "copy" button to copy all of Burp’s built-in payload lists into your custom directory, to use alongside your own payloads lists. You can then use your preferred text editor to modify any of the lists as required.

This release also adds a number of new built-in payload lists, including new fuzz strings and lists of interesting CGI files. These were kindly donated by Adam Muntner.

Post scriptum

Compliance Mandates

  • Application Scanner :

    PCI/DSS 6.3, SOX A12.4, GLBA 16 CFR 314.4(b) and (2), HIPAA 164.308(a)(1)(i), FISMA RA-5, SA-11, SI-2, ISO 27001/27002 12.6, 15.2.2


Comments

Related Articles

Application Scanner
Burp