Sabitlenmiş Tweet
I won't post here anymore. Feel free to join Bluesky or to read the content I post there by simply browsing my profile at bsky.app/profile/master…
English
Mastering Burp Suite Pro
1.2K posts
Mastering Burp Suite Pro
@MasteringBurp
Tips and tricks for Burp Suite Pro Managed by @Agarri_FR | Not affiliated with @Portswigger More free resources at https://t.co/MWqXmV66lr
Katılım Eylül 2020
0 Takip Edilen16.2K Takipçiler
Mastering Burp Suite Pro retweetledi
Come to Roma 🇮🇹 in September and attend the only in-person public training session I'll give in 2026! 👨🏫
And if you like camping with other hackers (as I do), stay over the weekend for the 3-day long RomHack Camp 🏕️
Cyber Saiyan | RomHack Conference, Training, Camp@cybersaiyanIT
RomHack Training registration is officially open. Join us in Rome from September 28 to October 1 for six intensive technical tracks led by industry experts: Full details and registration: romhack.training #RomHack2026 #RomHackTraining
English
An interesting piece of trivia: the search bar works on custom columns (the ones created via bambdas) and also on hidden ones (whatever they are custom or not)
English
Since EA 2026.2, there's a a search bar in Proxy History and it doesn't work exactly like the usual display filter. Let me explain...
- the filter searches in requests, responses and notes
- the search bar looks for the keyword in the table of entries itself
English
Mastering Burp Suite Pro retweetledi
The 2026 online public sessions of my "Mastering Burp Suite Pro" course have been published
- March 24th to 27th, in French 🇫🇷
- April 14th to 17th, in English 🇬🇧
hackademy.agarri.fr/2026
PS: ping me if you'd like to temporarily block a seat or are looking for a 10% coupon 🎁
English
Mastering Burp Suite Pro retweetledi
I won't post here anymore. Feel free to join Bluesky or to read the content I post there by simply browsing my profile at bsky.app/profile/master…
English
Plenty of new followers today 📈
To be honest, I don’t really use X anymore, and I invite all of you to follow me on Bluesky, where I post regularly
bsky.app/profile/did:pl…
English
I just added the 15-minute talk I gave at Tumpicon to the "Freebies" section
This talk covers the extensions Piper and Scalpel, and allows users to easily manipulate encrypted data by shuffling blocks around
hackademy.agarri.fr/freebies
English
Mastering Burp Suite Pro retweetledi
What's your best @Burp_Suite tip or trick and where did you learn it?
English
@CryptoGangsta @WebSecAcademy I'm very happy the course was useful
English
@WebSecAcademy ctrl+r, ctrl+shift+r: Send to Repeater, Switch to Repeater. Same with i for Intruder.
Courtesy of the wonderful Agarri's @MasteringBurp course for drilling that into my mind.
English
What are your favorite Burp Suite hotkeys and what do they do?
English
Mastering Burp Suite Pro retweetledi
If you never used the Piper extension, I recommend to watch the 4-minute demo I gave last year during my talk at @NorthSec_io 🛠️
youtube.com/watch?v=N7BN--…
YouTube
doomerhunter (Victor Poucheret)@DoomerOutrun
@CristiVlad25 Basically allows you to execute **any** tool/command on **any** part of an HTTP request/réponse. It can pipe tools together as well as automatically execute pipelines. You can even launch GUI tools such as meld for easy diffing @Agarri_FR mentioned it a while ago and it's awesome
English
Mastering Burp Suite Pro retweetledi
Reminder: we're also on Bluesky 🦋
bsky.app/profile/master…
English
The extension "Bypass Bot Detection" (which works really well) is now in the BApp Store 🥳
portswigger.net/bappstore/50fd…
English
The Early Adopter v2025.1 of Burp Suite Pro fixes the bug where the Home and End keys caused the cursor to jump to a different line 🥳
portswigger.net/burp/releases/…
English
A little bird told me that @metasploit is working on a persistence mechanism based on @burpsuite extensions 👀
github.com/rapid7/metaspl…
English
Mastering Burp Suite Pro retweetledi
A good reminder that Intruder’s "Simple list" payload type doesn’t work well with huge files like rockyou.txt 🛠️
Tib3rius@0xTib3rius
Burp PSA: If you want to use a large file of payloads in Intruder, *DO NOT* use Simple list's "Load" feature. Simple list is designed for "simple" lists, and it loads the entire file into a GUI JList. This is fine for small wordlists, but will absolutely become a memory issue for larger ones. Use Runtime file instead!
English
English
@MasteringBurp @space @newline Do you mean the one that url encode as you type or this a different feature? Because that's the one I never use the type and encode. I prefer to have url encode tags around stuff and you can have a hv custom tag to handle different cases or multiple params.
English
@MasteringBurp @space @newline I usually turn of the auto content length update and that solves the issue. Of course if I then need to fiddle with the body, I need to cheat more!
English