WHAT IS BURP SUITE
Burp Suite is a Java-based web penetration testing framework. It has become an industry standard suite of tools used by information security professionals. BurpSuite helps you identify vulnerabilities and verify attack vectors that are affecting web applications. Due to its popularity and breadth as well as depth of features, we have created this useful page as a collection of knowledge and information from Burp Suite.
In its simplest form, Burp suits can be classified as interception proxies. While browsing its target application, an access checker can configure its Internet browser to route traffic through Burp Suite proxy servers. BurpSuite then acts as a (kind of) man in the middle by capturing and analyzing each request to and from the target web application so that they can be analyzed. Penetration testers can intercept, manipulate, and reuse individual HTTP requests to analyze potential parameters or injection points. Injection points can be specified to search for potential unexpected application behavior, crashes, and error messages for manual as well as automated fake attacks.