Does this skill require Burp Suite Professional?

No, it supports both Community and Professional editions, though automated scanning and full Intruder features are only available in the Professional version.

How do I handle HTTPS traffic interception?

The skill provides guidance on downloading and installing the Burp CA certificate to your browser or system to enable seamless SSL/TLS decryption.

Does this skill help with remediation?

Yes, it includes workflows for analyzing scan reports which provide specific remediation advice for identified vulnerabilities.

Can I automate brute-force attacks with this?

Yes, the skill details how to use Burp Intruder for various attack types, including credential stuffing and payload iteration.

Can I use this for mobile app testing?

Yes, if the mobile app communicates via HTTP/HTTPS, you can configure the device to use Burp Suite as a proxy and follow the interception workflows provided.

Burp Suite Web Security Testing

Name: Burp Suite Web Security Testing
Author: claudiodearaujo

byclaudiodearaujo

セキュリティとテスト

Performs comprehensive web application security audits by intercepting HTTP traffic, modifying requests, and identifying vulnerabilities using Burp Suite.

概要

This skill provides a structured methodology for conducting professional web application security assessments using Burp Suite's integrated toolset. It guides users through the entire testing lifecycle, from initial proxy configuration and traffic interception to advanced manual testing with Repeater, automated vulnerability scanning, and custom Intruder-based attacks. By providing domain-specific patterns for discovering flaws like SQL injection and broken access controls, this skill enables both developers and security researchers to perform systematic, proxy-based testing while maintaining strict operational boundaries and scopes.

主な機能

HTTP Traffic Interception and Live Modification
Automated Fuzzing and Brute-force via Intruder
0 GitHub stars
Manual Request Replay and Analysis with Repeater
Target Scope Definition and Site Mapping
Automated Vulnerability Scanning and Reporting

ユースケース

Testing business logic flaws through request parameter manipulation
Identifying OWASP Top 10 vulnerabilities in web applications
Automating credential testing and API fuzzing workflows

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/izacenter burp-suite-testing

For use in Claude.ai and ChatGPT

Download Skill

GitHub

概要