Burp Suite Cheat Sheet

Web application security testing platform. Covers proxy configuration, Intruder attack types, Repeater workflows, scanner usage, and extending Burp with extensions.

Proxy Setup

Configure the default proxy listener address and port

$ Proxy > Options > Add listener on 127.0.0.1:8080

Set up automatic header modification for intercepted requests

$ Proxy > Options > Intercept Client Requests > Match and Replace

Export Burp CA cert for browser installation to intercept HTTPS

$ Project Options > SSL > Import CA Certificate

Filter proxy history to show only target scope traffic

$ Proxy > HTTP history > Filter > Show only in-scope items

Add a regex pattern to define the target scope

$ Target > Scope > Add > .*\.target\.com$

Intruder Attacks

Test one payload position at a time with a single wordlist

$ Intruder > Positions > Attack type: Sniper

Test all combinations of multiple payload sets across positions

$ Intruder > Positions > Attack type: Cluster Bomb

Extract payload values from previous responses (CSRF token extraction)

$ Intruder > Payloads > Type: Recursive grep

Define patterns to extract from responses for result analysis

$ Intruder > Options > Grep - Extract > Add

Limit request rate to avoid triggering WAF or rate limits

$ Intruder > Resource pool > Maximum concurrent requests: 5
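Added example, not Burp's own code or anything from PortSwigger: a Python model of how each Intruder attack type expands a §-marked request template into the requests it will send, which makes the Sniper versus Cluster Bomb request counts concrete before you size a resource pool. It also covers Burp's other two attack types, Battering ram and Pitchfork, which the list above does not mention; the request template and payload sets are constructed sample data.

```python
import itertools
from typing import Iterator, List

MARKER = "§"  # Burp marks payload positions with the section sign; same convention here

# Constructed sample request (not from the page) with two payload positions.
TEMPLATE = (
    "POST /login HTTP/1.1\r\n"
    "Host: example.test\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
    "username=§admin§&password=§password§"
)

def split_template(template: str):
    # Literal chunks around the positions, and the base value inside each position.
    parts = template.split(MARKER)
    if len(parts) % 2 == 0:
        raise ValueError("unbalanced § markers in template")
    return parts[0::2], parts[1::2]

def render(literals: List[str], values: List[str]) -> str:
    # Re-assemble the request with one value substituted at each position.
    out = [literals[0]]
    for value, literal in zip(values, literals[1:]):
        out += [value, literal]
    return "".join(out)

def intruder_requests(template: str, attack: str, sets: List[List[str]]) -> Iterator[str]:
    # Yield the requests Intruder would send for the chosen attack type.
    literals, base = split_template(template)
    n = len(base)
    if attack == "sniper":            # one set; one position at a time, others keep base value
        for i in range(n):
            for payload in sets[0]:
                values = list(base)
                values[i] = payload
                yield render(literals, values)
    elif attack == "battering ram":   # one set; same payload in every position at once
        for payload in sets[0]:
            yield render(literals, [payload] * n)
    elif attack == "pitchfork":       # one set per position, walked in lockstep
        for combo in zip(*sets):
            yield render(literals, list(combo))
    elif attack == "cluster bomb":    # one set per position, every combination
        for combo in itertools.product(*sets):
            yield render(literals, list(combo))
    else:
        raise ValueError(f"unknown attack type: {attack}")

def request_count(template: str, attack: str, sets: List[List[str]]) -> int:
    # Requests the attack would generate; useful when sizing the resource pool.
    return sum(1 for _ in intruder_requests(template, attack, sets))
```

With two positions, a three-entry list yields 6 Sniper requests but only 3 for Battering ram, while two lists of 2 and 3 entries give 2 Pitchfork requests and 6 for Cluster Bomb.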

Repeater & Decoder

Send a request to Repeater for manual modification and replay

$ Right-click request > Send to Repeater

Send multiple tabs simultaneously for race condition testing

$ Repeater > Send group (parallel)

Chain encoding operations for payload transformation

$ Decoder > Encode as > URL > Base64

Visually diff two responses to identify behavioral differences

$ Comparer > Send response to Comparer

Scanner

Start a full crawl and active vulnerability scan

$ Dashboard > New scan > Crawl and Audit

Use embedded browser for JavaScript-heavy application crawling

$ Dashboard > New scan > Crawl only > Configuration: Browser-powered

Scan a specific portion of the site map only

$ Target > Site map > Right-click > Actively scan this branch

Generate a formatted HTML vulnerability report

$ Dashboard > Issue activity > Export as HTML report

Extensions

Install Autorize for automated authorization testing

$ Extender > BApp Store > Install: Autorize

Install Logger++ for advanced request/response logging

$ Extender > BApp Store > Install: Logger++

Install Param Miner for hidden parameter and header discovery

$ Extender > BApp Store > Install: Param Miner

Install Active Scan++ for additional active scan checks

$ Extender > BApp Store > Install: Active Scan++

Configure path for custom extension JAR dependencies

$ Extender > Options > Java environment > Folder for loading library JAR files