PortSwigger Burp Reviews

Filter by:Reset all filters
industry
Filter Unavailable
Company Size
Filter Unavailable
Job Level
Filter Unavailable
rating
Filter Unavailable
Consultant
Senior Information Security Analyst at a tech services company with 10,001+ employees
Dec 19 2017

What is most valuable?

Burp is the best web application penetration testing tool that I have ever used. Although all the features of Burp are very useful, I personally love its capability to automatically and accurately detect vulnerabilities. So, I would say it is... more»

How has it helped my organization?

The customer is almost all the time results-oriented and they want them real quick. Burp gives my organization a great authentic source of information on the security posture of web infrastructure. PortSwigger launched a feature called Burp... more»

What needs improvement?

The one feature that I would like to see in Burp is active scanning of REST based web services. A lot of organizations are providing APIs to access their services to support different business models like SaaS. Scanning these APIs is still a... more»
Real User
Penetration Testing Advisor at a tech services company with 1,001-5,000 employees
Nov 07 2016

What is most valuable?

* Intruder - allows inserting predefined or custom payloads at chosen locations inside requests and analyzing results using custom filters; * Repeater - allows reissuing requests to manually verify reported issues, changing parameters or... more»

How has it helped my organization?

It provides unique features that help me quickly identify and exploit security vulnerabilities in web applications.

What needs improvement?

Some extra features are not available in the core product (WSDL parsing, SOAP calls, Error checks, Authorization bypass), but additional modules created by the community can be easily installed from the BApp store through Extender, or you can... more»
Find out what your peers are saying about PortSwigger, Acunetix, IBM and others in Application Security.
288,321 professionals have used our research since 2012.
Real User
Information Systems Security Officer at a financial services firm with 1,001-5,000 employees
Aug 31 2016

What is most valuable?

* HTTP proxy for packet capture * Repeater * Intruder * Spider * Decoder * Comparer

How has it helped my organization?

Burp Suite is a versatile tool for manual web application penetration testing; mainly used by skilled ethical hackers to test security of web-based applications. It helps capturing and modifying HTTP packets and variables, and observing the... more»

What needs improvement?

The professional edition of Burp Suite provides some automated pen-testing scripts to detect application vulnerabilities, like SQL injection, XSS, etc. However, this component is not extremely useful. The results need to be double-checked... more»

Articles

User Assessments By Topic About PortSwigger Burp

Find out what your peers are saying about PortSwigger, Acunetix, IBM and others in Application Security.
288,321 professionals have used our research since 2012.

PortSwigger Burp Questions

PortSwigger Burp Projects By Members

PortSwigger Burp Consultants

What is PortSwigger Burp?

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.
Also known as
Burp
PortSwigger Burp customers
Maven Security Consulting, OWASP Italy, Penetration Testing Firm
BUYER'S GUIDE
Not sure which Application Security solution is right for you?

Download our free Application Security Report and find out what your peers are saying about PortSwigger, Acunetix, IBM, and more!

Sign Up with Email