Cheatography
https://cheatography.com
Here is an easy guide to help you through Burp Suite at a beginner level, with information on advanced options as well.
This is a draft cheat sheet. It is a work in progress and is not finished yet.
Hot Keys
Ctrl+Shift+T | Target Tab
Ctrl+Shift+P | Proxy Tab
Ctrl+Shift+I | Intruder Tab
Ctrl+Shift+R | Repeater Tab
Ctrl+R | Send to Repeater
Ctrl+I | Send to Intruder
Additional Hot Keys
Ctrl+Shift+U | URL decode selection
Ctrl+U | URL encode selection
Ctrl+F | Forward intercepted Proxy message
Basic Edits
Cut | Ctrl+X
Copy | Ctrl+C
Paste | Ctrl+V
Undo | Ctrl+Z
Redo | Ctrl+Y
Select all | Ctrl+A
Search | Ctrl+S
Burp Suite Tools
Scanner | Automatically scans websites for vulnerabilities.
Repeater | Reissues HTTP requests again and again.
Intruder | Allows customized automated attacks as well as testing tasks.
Comparer | Performs visual comparisons of app data to find differences.
Decoder | Transforms bits of app data using common encoding and decoding schemes.
Clickbandit | Generates clickjacking exploits against vulnerable applications.
Extensions
HTTP Request Smuggler | Created by Burp Suite to help launch HTTP request smuggling attacks.
Retire.js | Searches for outdated JavaScript.
Software Vulnerability Scanner | Checks software version numbers against vulnhub.com for their vulnerabilities.
These extensions help to discover vulnerabilities. They allow you to use pen testing skills to do the research to find the vulnerabilities.