Burp Suite v2021.9.1 دانلود

نرم افزار Burp Suite یک پلتفرم جامع برای انجام تست های امنیتی نرم افزارهای تحت وب می باشد. ابزار های متنوع نرم افزار Burp Suite با کارکرد یکپارچه خود از طریق مسیردهی آغازی و تحلیل سطوح حمله به نرم افزارها و همچنین کشف و یافتن حفره های امنیتی، تمام فرآیندهای تست ها را پشتیبانی می کند. این نرم افزار قابلیت کنترل کامل، اجازه ترکیب پیشرفته تکنیک های دستی با روش خودکار state-of-the-art را فراهم می کند تا شما را قادر به افزایش سرعت، کارایی بیشتر و همچنین لذت بیشتر کند.

قابلیت های نرم افزار Burp Suite

  • به شما امکان بازبینی و کاستن حجم داده ها بین مرورگر شما و برنامه ی هدف را میدهد
  • بازرسی مخفیانه، برای بررسی آرام و بی سروصدای محتوا و عملکرد برنامه ها
  • پویشگر پیشرفته شبکه، برای کشف و شناسایی انواع مختلف کاستی ها و ضعف ها
  • ابزار پاکسازی، برای حمله ی هدفمند و قدرتمند به اشکالات و رفع آسیب های غیر معمول
  • ابزار تکرار کننده، برای اجرای مجدد و فرستادن درخواست های بخصوص
  • ابزار تسلسل، برای آزمایش رندوم و تصادفی ورودی ها، توانایی ذخیره اعمال شما و ادامه دادن کار در زمانی دیگر
  • قدرت بسط پذیری، امکان اجرای ضمیمه های دلخواهتان، اجرای کارهای بسیار خاص و پیچیده در برنامه ی

لینک دانلود نرم افزار Burp Suite Professional v2021.9.1 کرک شده

 

دانلود – حجم : 506 مگابایت

رمز فايل: technet24.ir

Features of Burp Suite Professional 2020

Coverage of over 100 generic vulnerabilities
Cutting-edge web application crawler accurately maps content and functionality
Burp Scanner includes a full JavaScript analysis engine
Detect server-side vulnerabilities that are completely invisible
Project files to save your work incrementally in real-time
Export beautifully formatted HTML reports of discovered vulnerabilities.
Configuration library to quickly launch targeted scans with different settings.
Optionally report all reflected and stored inputs
Burp Proxy allows manual testers to intercept all requests and responses
HTML5 WebSockets messages are intercepted and logged to a separate history
Decoder tool lets you convert data between common encoding schemes and formats used on the modern web.
Clickbandit tool generates working clickjacking attacks against vulnerable application functions.
Burp helps eliminate browser security warnings
Burp supports invisible proxying for non-proxy-aware clients

Burp Suite v2021.9.1 Releases Note

This release enables manual testing of hidden HTTP/2 attack surface and adds a number of improvements to Burp Intruder and Burp Scanner.

Manually test hidden HTTP/2 attack surface in Burp Repeater

You can now send HTTP/2 requests from Burp Repeater even if the server doesn’t explicitly advertise HTTP/2 support via ALPN. This allows you to manually explore additional “hidden” HTTP/2 attack surface.

To enable this behavior, first select the Allow HTTP/2 ALPN override option from the Repeater menu, then switch the protocol to HTTP/2 from the Inspector panel.

Burp Intruder improvements

We have made the following improvements to Burp Intruder:

When configuring a list of payloads to send during your attack, you can now click the Deduplicate button to remove any duplicate entries. This helps to increase the efficiency of your attacks as you can avoid sending redundant, duplicate requests when combining multiple wordlists for example.
When using the Grep – Match or Grep – Payloads options, the results table now contains a column displaying the number of matches found in the response rather than just a checkbox.
In the resource pool configuration, there is now an option for setting the delay between requests to an incremental value. This enables you to study how the target application’s behavior changes as requests become more spread out. You can use this to determine how long a session is kept alive between requests for example.
You can now select multiple rows and perform bulk operations on some of the tables in the Intruder configuration settings.

Improved scan check for server-side template injection

We have added payloads to the server-side template injection (SSTI) scan check to detect vulnerabilities in the following Java-based template engines:

SpEl
JSF
Freemarker
Thymeleaf
Velocity
JSTL

We have also integrated additional out-of-band detection methods using Burp Collaborator.

Audit asynchronous traffic in Burp Scanner

API calls that are triggered by the crawler interacting with elements on the page will now be sent for audit.

We have also improved the way the crawler interacts with forms on a page to better support modern single-page applications.
Improved handling of XML and JSON insertion points in Burp Scanner

We have made the following changes to improve the handling of XML and JSON insertion points during scans:

Payloads injected into unquoted JSON contexts are now automatically wrapped with quotation marks to ensure that Burp Scanner always generates valid JSON documents.
Insertion points in standard XML attributes such as xml:lang and xmlns:* are now ignored by default. If you prefer, you can override this setting in your scan configuration under Audit options > Ignored insertion points.
When appending payloads to insertion points within XML CDATA sections, Burp Scanner now removes the CDATA block and correctly entity-encodes the payloads.

Recorded login improvements

Burp Scanner can now handle iframes, multi-selects, scrolling elements, and SVG elements in recorded login sequences. We have also improved reliability of recorded logins by changing the way we locate and interact with elements on the page.

Other improvements

On the Logger tab, we have added an option to the context menu for exporting the log as a CSV file.
On the Dashboard tab, you can now rename tasks to help you identify them more easily. You can now also search for tasks by their name or other details.
You can now set a default preference for whether tasks are resumed or paused when you launch Burp. To change the default setting, go to User options > Misc > Tasks.

Security fix

We have updated Burp’s embedded browser to Chromium version 95.0.4638.54, which fixes a number of high-severity bugs.

Bug Fixes

This release also provides a number of bug fixes, most notably for a bug when highlighting or selecting text in Burp Repeater.

دیدگاه

آدرس ایمیل شما منتشر نخواهد شد.