What is the difference between Repeater and Intruder?

Repeater is designed for manual, iterative testing of single requests, while Intruder is built for automated attacks involving large payloads, such as fuzzing parameters or brute-forcing credentials.

How do I intercept HTTPS traffic?

To intercept HTTPS, you must download and install Burp's CA certificate into your browser's trust store to allow the proxy to decrypt secure traffic.

Does this skill require Burp Suite Professional?

While core features like the Proxy, Repeater, and basic Intruder work with the Community Edition, automated vulnerability scanning and full Intruder capabilities require a Professional license.

Can I use this skill to test any website?

Ethical guidelines dictate that you should only use Burp Suite to test applications you are authorized to audit. Always configure your target scope to avoid accidental testing of out-of-scope domains.

Burp Suite Web Application Testing

Name: Burp Suite Web Application Testing
Author: claudiodearaujo

byclaudiodearaujo

0•

보안 및 테스팅

Conducts professional web application security testing and vulnerability assessment using Burp Suite's integrated toolset.

This skill provides comprehensive, structured guidance for performing end-to-end web application security audits using Burp Suite. It enables users to systematically intercept and modify HTTP traffic, manage target scopes, and execute manual testing workflows via Burp Repeater. Whether you are debugging complex web requests, testing for business logic flaws like price manipulation, or hunting for common security vulnerabilities such as SQL injection and XSS, this skill offers the best practices and implementation patterns needed to maximize the effectiveness of your security testing process.

주요 기능

01Automated fuzzing and brute-force attacks via Intruder

020 GitHub stars

03Automated vulnerability scanning and issue tracking

04HTTP traffic interception and real-time request modification

05Manual request replaying and analysis via Burp Repeater

06Target scope management to prevent out-of-scope testing

사용 사례

01Identifying and exploiting web vulnerabilities like SQLi and XSS

02Testing business logic vulnerabilities such as authentication bypass or price manipulation

03Debugging and analyzing complex API requests and server responses

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro-front burp-suite-testing

For use in Claude.ai and ChatGPT

Download Skill