Web security testing using Burp and Firebug STC 2012 - QAI
Web security testing using Burp and Firebug STC 2012 - QAI
Web security testing using Burp and Firebug STC 2012 - QAI
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>Web</strong> <strong>security</strong> <strong>testing</strong> <strong>using</strong> <strong>Burp</strong>Intruder – Attack typesSniper: This uses a single set of payloads. It targets each position in turn,<strong>and</strong> inserts each payload into that position in turn. The total number ofrequests generated in the attack is the product of the number of positions <strong>and</strong>the number of payloads in the payload set.Battering Ram: This uses a single set of payloads. It iterates through thepayloads, <strong>and</strong> inserts the same payload into all of the defined positions atonce. The total number of requests generated in the attack is the number ofpayloads in the payload set.7ETT | 12/10/<strong>2012</strong> | © Robert Bosch Engineering <strong>and</strong> Business Solutions Limited <strong>2012</strong>. All rights reserved, also regarding any disposal,exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights.