In this room we explore the advanced capabilities of the Burp framework with the Repeater tool, including manipulation and resending captured requests as well as other funcitions, with practical examples and a couple of challenges to complete. Some of the tasks are theoretical in nature and I definitely recommend reading through as they provide detailed and easy to read overview of the tool's purpose and functionality.
Q: N/A
Let's GO!
-
Repeater allows us to modify and resend intercepted requests to a target of our choosing. We capture requests in the proxy, manipulate, send - wash, rinse, repeat - as needed. Requests can also be created manually from scratch (similar to CL tool cURL).
-
In Repeater, we can edit and resend requests repeatedly, allowing us to manually explore and test endpoints until we obtain a response that helps us gain more information about the target.
While we have the ability to craft a request from scratch, it is commonly more useful to start with a request captured in the Proxy tool, send it to Repeater where we can further edit and resend, trying different modifications, while also having the ability to navigate through our history of modifications if needed.