Burp suite: Web Crawler, Scanner, Proxy, Repeater, Intruder

Burp Suite is a powerful security testing application that can be used to perform web requests on web applications, mobile apps, and thick clients. Burp offers multiple capabilities such as web crawler, scanner, proxy, repeater, intruder, and many more.

Security professionals use Burp Suite to intercept HTTP and HTTPS traffic; however, a penetration tester can use it for various other functions. It is an integrated platform for performing security testing of vulnerabilities and web application analysis. It has many tools incorporated into one application so that they can work in synchronization to support the entire process. It can do the initial mapping, and after that, it can analyze the application’s attack surface. Once the basic tasks are done, it can find and exploit all the security vulnerabilities. 

As you can guess, Burp Suite is an extremely powerful tool that can do many things in one go. Security consultants usually use the professional version, which is more feature-rich, although the free community edition is powerful too. It comes with Kali Linux, and it allows you to combine innovative manual techniques with state-of-the-art automation. 

Burp Suite lets you use a spider to crawl an application. In the free version, you don’t get the vulnerability scanner, but you get the intruder tool.

A web crawler (also known as a web spider or web robot) is a program or automated script which browses the World Wide Web in a methodical, automated manner. This process is called Web crawling or spidering. Many legitimate sites, in particular search engines, use spidering as a means of providing up-to-date data. 

If you tunnel web traffic through Burp Suite (without intercepting the packets), by default it can passively spider the website, update the site map with all of the contents requested, and thus create a tree of files and directories without sending any further requests.

Install on Linux

Burp Suite comes pre-installed with every Penetration Testing Operating System (Kali, ParrotSec, etc.). So there is no need to install it again just Configure the Proxy and Enjoy.

Download and Install on Windows

1. Visit Port Swinger (click here) à Products à Community Edition.

2. Click on "Go Straight to download" and Download Stable Version:

3. Once Download complete click to install:

4. Launch Burp suite:

Configure the browser to send traffic through the proxy.

Configure the Proxy

Using Below two methods you can configure your proxy settings:

Method 1: To access proxy settings in Mozilla Firefox, you can click on Firefox’s menu and navigate to Preferences. 

Then we type in the search bar the "proxy" and now Network Settings are being presented. We are then clicking on Settings.

Method 2: Then we select the Manual proxy configuration where we enter as an HTTP Proxy the 127.0.0.1 IP and port the 8080 where Burp Proxy is listening. 

Note: It is advisable to also check the option of Also use this proxy for FTP and HTTPS so all requests can go through Burp.

Method 2: Add Foxy Proxy Add Ons. Search Foxy Proxy on Google and then click on Add to Firefox.

Once Foxy Proxy is added to the Add-on bar, click on the Foxy Proxy icon.

Configure the HTTP Proxy the 127.0.0.1 IP and port the 8080 where Burp Proxy is listening.

Whenever you start to interpret with Burp Suite just click on Burp Suite.