Burp Suite for Hackers

Download
File
Burp Suite for Hackers.pdf

Dear readers, 

This year we decided to dedicate our summertime issue to one of your favourite topics - Burp Suite. Inside you will find eleven quality articles not only on Burp Suite techniques, but also the topics of pentesting, risk assessment tools, Windows 11, and more! This issue is full of diverse knowledge, tips, and tutorials. Without further ado, let’s dive into it!

Opening the issue we have Burp Suite Basics - a beginner-friendly article on what Burp Suite is, what tools it contains, and what kinds of attacks you can perform with it. Later on, there’s Bypassing One Time Passwords (OTPs) and Two-Factor Authentications using Burp Suite, another piece for less advanced hackers. We’re sure you’ll make good use of it!

Staying on the topic of Burp Suite for beginners and intermediates, we have Introduction to Writing Burp Suite Extensions with Python and Crawling Websites Using Burp Suite. Then we drift off to pentesting in Introduction to Pentesting Web Applications With Burp Suite.

If you are hungry for more advanced topics, you may want to take a look at a step-by-step guide to Solving an Expert Lab from Web Security Academy.

But that’s not all! You will learn how to pentest Juice Shop, what the best risk assessment tools are, what you can do with Raspberry Pi on the newest Windows 11, and much more!

As you can see, this issue is very diverse, but we also wanted to focus more on Burp Suite, as it has remained one of the top tools used by pentesters, hackers and security researchers to test websites and web services for vulnerabilities for over a decade. We hope you will enjoy this issue, whenever or wherever you read it - whether you lie on a sunny beach or climb snowy mountains.

We would also like to thank our contributors, reviewers and proofreaders, without whom this edition wouldn’t have been possible.

Stay safe and enjoy!

Magdalena Jarzębska and Hakin9 Editorial Team


Table of Contents

Burp Suite Basics

Anthony Rose

Burp Suite evolved between 2003 and 2006 with the addition of Proxy, Sock, Spider, and Repeater.  It has been continually updated since that time to stay current and has added additional functionality. The BApp store launched in the mid-2010s and now includes over 200 user-created tools. PortSwigger also recently founded a Web Security Academy that reached one million users within a year of launch. This suite of tools has an incredible community and is backed by an enterprising founder and robust company that currently has approximately 65,000 users and enterprises as customers. The broad reach of PortSwigger allows its research and development to be unmatched in the web application vulnerability space. This research is pushed quickly to the end-user, which means that Burp Suite is at the forefront of the field.


Bypassing One Time Passwords (OTPs) and Two-Factor Authentications using Burp Suite

Nicholas Johnson

Burp Suite is a unified penetration testing tool that helps seamlessly conduct vulnerability assessment and penetration testing for web applications. One feature of Burp Suite that differentiates it from other penetration testing suites is the simplicity with which it can capture, analyse, manipulate and replay the attack via an intuitive dashboard. In the example below, we use the simulation available at Portswigger.net to perform a brute-force attack on OTP authentication. However, the overall methodology to perform brute-force attacks on OTP-based logins is similar across most vulnerable websites.


Introduction to Writing Burp Suite Extensions With Python

Atlas Stark

Penetration testers and security researchers definitely have their hands full with regard to website application and service security. Every day it seems we are inundated with 0-day vulnerabilities, patches for different browser extensions, cookie exploits, as well as a multitude of privacy vulnerabilities found in various web-related products and services, not to mention the countless instances of defacing a website. A well-stocked arsenal combined with a deep understanding of web hacking is a much-needed combination in today’s threat landscape. This is where Burp Suite can help by doing much of the heavy lifting regarding App Sec.


Crawling Websites Using Burp Suite

Mayukh Paul

Burp Suite is a platform created by PortSwigger consisting of various security tools used to perform web application penetration testing. These tools consistently work together to complete the testing process from analyzing surface attacks to finding and exploiting vulnerabilities. Here, I will demonstrate a default Crawl and Audit Scan and the website I used is ‘https://testphp.vulnweb.com/’. This is a vulnerability demonstration website for Acunetix Web Vulnerability Scanner.


Introduction to Pentesting Web Applications With Burp Suite

Joas Antonio dos Santos, Gabriel Lima

In a web application PenTest, tools can be fundamental, mainly to automate information gathering tasks and even exploration. An excellent tool is Burp Suite, mainly because it is a complete tool and gives you the possibility to do a PenTest from start to finish with it. Using a standard Threat Model methodology, we were able to perform penetration tests on a web application with Burp Suite alone. For those just starting out, you can see Burp just as a browser proxy to intercept communication and do request analysis, but it is a powerful tool and, in this article, I will show you some of its power.


Solving an Expert Lab from Web Security Academy

Michael Sommer

This tutorial is a walkthrough of the lab “Stealing OAuth access tokens via a proxy page” from Web Security Academy by PortSwigger. The level of this lab is expert, and the reader should have a basic understanding of HTML and JavaScript. It is also recommended that the topic “OAuth 2.0 authentication vulnerabilities” has been worked through to this point. This lab can be solved with the community edition of Burp Suite; no professional version is needed. You should have configured your browser and Burp Suite so that you can intercept the traffic. In the reference section is a link where you can find information about browser configurations.


Juice Shop OWASP Penetration Testing

Dr. Akashdeep Bhardwaj, Keshav Kaushik, Varun Sapra

OWASP Juice Shop is probably the most sophisticated yet modern insecure web application that can be utilized for enhancing Security Awareness and Pen Testing, in the form of a guinea pig. The Juice Shop app encompasses the entire OWASP Top Ten vulnerabilities with security flaws found in real-world e-commerce applications. The Juice Shop app has been written in Node.js, Express, and Angular, the first application written in JavaScript and listed in the OWASP VWA Directory. Any web app can be pen-tested against the OWASP Top 10 to reveal and exploit vulnerabilities. In this article, we initially set up the Juice Shop in a Docker container, then used a few attack tools, such as FoxyProxy and Burp Suite, to perform specific attacks. We started with a SQL injection attack, then exploited Broken Authentication, an XXE attack, and finally Broken Access Control. There are more vulnerabilities to exploit, so ride away and take a crack at Juice Shop!


Introduction to Risk Assessment Tools

Anudeep Nayakoti

This article is an analysis and comparison of various risk assessment tools that may be useful in hacker work.


CHAOS - Raspberry Pi versus Windows 11

Daniel W. Dieterle

Windows 11 is the upcoming flagship desktop operating system from Microsoft. Raspberry Pi is a hyper popular IoT Makers board. In this article, we will see not only how to use Raspberry Pi as a security tool, but also see how this cheap, diminutive board could be used as a pentesting C2 (Command and Control) platform for security professionals. A platform that could even be used to remotely control Windows 11 (and a fully patched and updated Windows 10 system). In this article, we see several different ways that the versatile Raspberry Pi platform could be used in security. We cover how two Command & Control frameworks could be used, and we also look at some of the multiple display types available. My intent in writing this article wasn’t to “beat up” on Windows 11. I actually really like the new operating system, and it does have more security features than Windows 10. This article just shows that you can’t depend on anti-virus to catch every threat. Phishing and social engineering are still the main channels of compromise.


Forensic Investigations of Recycle Bin

Dr. Akashdeep Bhardwaj, Keshav Kaushik, Varun Sapra

Windows Recycle Bin is a location on Windows OS to store deleted files temporarily. Recycle Bin app utility is reinforced with precautionary data to ensure file recovery can be performed easily in case a user wants to retrieve that deleted file. This aspect is important to understand and utilize because it stores a lot of information that can be pertinent to forensic investigations. This research illustrates the use of Recycle Bin Tools and tries to recover permanently deleted files.


Modern Times, Old Prejudices. The Hacker Era

Jordan M. Bonagura

The twenty-first century, more than a century of human evolution and great changes, a century of constant acceleration. Everything is always changing and exaggeratedly fast - technology, social changes and even our lifestyles. Changes so impactful that not even our most consolidated routines escaped, can escape, or will escape impunity. I believe it is almost impossible to imagine the present day without computers, tablets or our new body-coupled organ called a smartphone. Computer equipment today is used for absolutely everything, from scientific research to exploring the universe and discovering new planets, helping to create vaccines during a pandemic, curing or fighting diseases, facilitating locomotion without wasting more hours in traffic and even warnings from your fridge that it is full of sugars and fats, and that's why you tend to have a few nanoseconds less perspective of life. However, despite our lives being totally linked to this new era, we, for the most part, still live with diverse prejudices.

 


April 19, 2022