Burp Suite v1.3 is now available to download. This is a major upgrade with a host of new features.
New features in Burp Suite free edition include:
- A new message editor/viewer optimised for HTTP requests and responses, with colourised syntax, mouse-over decoding, and quick conversion functions.
- Facility to add comments and highlights to the proxy history and site map.
- Support for AMF-encoded messages.
- Improved handling of SSL server certificates, to eliminate browser SSL warnings and connection problems with thick clients.
- Copy to file / paste from file to facilitate working with binary content.
- New display filters.
- Much enhanced extensibility.
- Configurable DNS resolution, to override host resolution, facilitating work with non-proxy-aware clients.
- Fine-grained upstream proxy rules.
- Exporting of HTTP messages and metadata in XML format.
- Improved text search, with regex support, scope restrictions, dynamically updating results, etc.
- Automated discovery of unreferenced content.
- Scripts and comments search.
- Wizard for performing more effective scans of multiple items.
- Target analyser.
- Manual testing simulator.
Have fun!
9 comments:
Awesome, thanks for all your work!
Thank you, and congrats again on the new little one.
Way to go! Can't wait to try it out. Congrats on the baby!
Burp suite not work on Ubuntu 9.10 , OpenJDK Runtime Environment.((( Froze on firs proxy request.
@Anonymous
The Ubuntu problem is because of OpenJDK. You need to switch back to the official Sun JRE. Instructions below:
First, check the list of Java alternatives installed on your PC:
sudo update-java-alternatives -l
Make sure that the following is in the list:
java-6-sun
If its not, install the sun-java jre/jdk:
JRE:
sudo apt-get install sun-java6-jre
JDK (Includes the JRE):
sudo apt-get install sun-java6-jdk
Run the first list command again if you want to make sure that java-6-sun is in the list.
Next, we need to set the default Java installation to use.
To set java-6-sun as the default Java installation to use, run:
sudo update-java-alternatives -s java-6-sun
Please add another category to your scanner for information leaks like parsing http headers (server, x-powered-by, via, etc.).
You need to switch back to the official Sun JRE. Run the first list command again if you want to make sure that java-6-sun is in the list.
Hi!
Could you please add support for "pass the hash" in the proxy module for HTTP NTLM Authentication (see Metasploit's module "smbrelay")?
Thx!
Could you please add a function to decode Firefox 3.x standard URL-encoding to all HTTP(S) requests before sending them out?
This would help very much!
Post a Comment