Published on April 15th, 2014 | by MaxiSoler0
Burp Suite Professional v1.6 Released
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.
Burp Suite Free Edition contains significant new features added since v1.5, including:
- Support for WebSockets messages.
- Support for PKCS#11 client SSL certificates contained in smart cards and physical tokens.
- A new Extender tool, allowing dynamic loading and unloading of multiple extensions.
- A new powerful extensibility API, enabling extensions to customize Burp’s behavior in much more powerful ways.
- Support for extensions written in Python and Ruby.
- A new BApp Store feature, allowing quick and easy installation of extensions written by other Burp users.
- An option to resolve DNS queries over a configured SOCKS proxy, allowing access to TOR hidden services.
- Generation of CSRF PoC attacks using a new cross-domain XHR technique.
- New options for SSL configuration, to help work around common problems.
- Optional unpacking of compressed request bodies in the Proxy.
- Support for .NET DeflateStream compression.
- New and improved types of Intruder payloads.
- New Proxy interception rules.
- New Proxy match/replace rules.
- Improved layout options in the Repeater UI.
- An SSL pass-through feature, to prevent Burp from breaking the SSL tunnel for specified domains.
- Support for the Firefox Plug-n-hack extension.
- An option to copy a selected request as a curl command.
Burp Suite Professional contains a number of bugfixes and tweaks, added since the last beta version, including:
- An occasional bug causing misplaced highlights on payloads in Scanner issues has been fixed.
- A bug in which restoring default settings for the Extender tool didn’t unload any currently running extensions has been fixed.
- A display bug affecting the rendering of binary content (such as images) in the raw view of the HTTP message editor has been fixed.
- A bug which prevented the automatic backup on exit feature from functioning in headless mode has been fixed.
- In previous versions, Burp stored its preferences in separate locations for each major version. This caused persisted settings to be lost on upgrading to a new major version. This behavior has been modified, and from v1.6 onwards major versions will store their preferences in the same location. As a workaround to preserve settings from earlier releases, Pro users can launch the earlier release, save a state file containing their preferences, then launch the new release and load the state file.
Free edition MD5: 6f2c0ff4e3cab35bb49312ce88e1a690 SHA256: 21cfdd2d2f682997648f3877bca239bde358f8ce5a2a9304fd1de72fc68a3312
Pro edition MD5: 8d56e783e79f615feefd3717322d61dd SHA256: d81a765df2eb2fc33f91cdbf2669264204a9acf2ed7e43187ff7632015ffa89b
More Information: here