Burp Suite Pro v1.3beta2 released

Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, downstream proxies, logging, alerting and extensibility.

As well as various bugfixes, this release adds some handy conversion functions to the request/response editor, which are accessible via the context menu and shortcut keys.

Available conversions include URL-encoding, HTML-encoding and Base64-encoding. You can also convert raw data into a "constructed string" for various code-injection contexts. For example, selecting the expression:

xss

and choosing "JavaScript constructed string" will convert this to:

String.fromCharCode(120,115,115)

This release also improves Mac compatibility in the message viewer/editor. Keyboard shortcuts now work with both the Ctrl and Command keys. And you can display the context menu without losing the current text selection

Post scriptum

Compliance Mandates

  • Application Scanner :

    PCI/DSS 6.3, SOX A12.4, GLBA 16 CFR 314.4(b) and (2), HIPAA 164.308(a)(1)(i), FISMA RA-5, SA-11, SI-2, ISO 27001/27002 12.6, 15.2.2

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Related Articles

Application Scanner
Burp
Commercial
Vulnerability Scanner