Arm yourself with the leading toolkit for web security testing
BurpSuite Professional is an advanced set of tools for testing web security – all within a single product. From a basic intercepting proxy to a cutting-edge vulnerability scanner, with Burp Suite Pro, the right tool is never more than a click away.
Our powerful automation gives you more opportunity to do what you do best, while BurpSuite handles low-hanging fruit. Advanced manual tools will then help you identify your target’s more subtle blind spots.
BurpSuite Pro is built by a research-led team. This means that before we even publish a paper, its findings have been included in our latest update. Our pentesting tools will make your job faster while keeping you informed of the very latest attack vectors.
Manual Penetration Testing Features
Intercept everything your browser sees
A powerful proxy/history lets you modify all HTTP(S) communications passing through your browser.
Manage recon data
All target data is aggregated and stored in a target site map – with filtering and annotation functions.
Expose hidden attack surface
Find hidden target functionality with an advanced automatic discovery function for “invisible” content.
Test for clickjacking attacks
Generate and confirm clickjacking attacks for potentially vulnerable web pages, with specialist tooling.
Work with WebSockets
WebSockets messages get their own specific history – allowing you to view and modify them.
Break HTTPS effectively
Proxy even secure HTTPS traffic. Installing your unique CA certificate removes associated browser security warnings.
Manually test for out-of-band vulnerabilities
Make use of a dedicated client to incorporate Burp Suite’s out-of-band (OAST) capabilities during manual testing.
Speed up granular workflows
Modify and reissue individual HTTP and WebSocket messages, and analyze the response – within a single window.
Quickly assess your target
Determine the size of your target application. Auto-enumeration of static and dynamic URLs, and URL parameters.
Assess token strength
Easily test the quality of randomness in data items intended to be unpredictable (e.g. tokens).
More Information on BurpSuite Professional Edition: https://logon-int.com/portswigger/burpsuite-pro/