Bruteforce using Burp

To test your webform security using Burp intruder, follow these steps:

1- Attempt to login

2- Go to proxy History Tab

3- Find the POST request

4- Send to intruder

5- Use Cluster Bomb payload

6- Clear all payloads positions

7- Mark username and password fields as payload positions

8- Go to payloads tab

9- Set payload set 1 to your username list

10- Set payload set 2 to your passwords list

11- Click on the intruder menu

12- Select Start Attack

13- Look for different lengths or grep possible successful auth messages under options

Website Security

GusKhawaja
Gus Khawaja is a security consultant, as well as an author in Cybersecurity. Gus Holds a BS degree in Computer Science and worked in IT security and Web application development. Gus has successfully delivered and developed IT solutions for companies in Canada. He is passionate about Technology and loves what he’s doing. After many years of experience in computer science, he has turned his attention to cyber security and the importance that security brings to this minefield. His passion for ethical hacking mixed with his background in programming and IT makes him a wise swiss knife professional in the computer science field.

Bruteforce using Burp

The Best [email protected] Book

Do You Want More Like This!