What do you like most about PortSwigger Burp?
Thanks for sharing your thoughts with the community!
The most valuable features are Burp Intruder and Burp Scanner.
The most valuable feature is the application security. It also has a reasonable price.
The suite testing models are very good. It's very secure.
The way they do the research and they keep their profile up to date is great. They identify vulnerabilities and update them immediately.
The Spider is the most useful feature. It helps to analyze the entire web application, and it finds all the passes and offers an automated identification of security issues.
Once I capture the proxy, I'm able to transfer across. All the requested information is there. I can send across the request to what we call a repeater, where I get to ready the payload that I send to the application. Put in malicious content and then see if it's responding to it.
BurpSuite helps us to identify and fix silly mistakes that are sometimes introduced by our developers in their coding.
Some of the extensions, available using Burp Extender, are also very good and we have found issues by using them.
This solution has helped a lot in finding bugs and vulnerabilities, and the scanner is good enough for simple web apps.
This tool is more accurate than the other solutions that we use, and reports fewer false positives.
"The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved."
I would like to know if nowadays (2021) the license of Burp Suite Pro is worth the cost. Is it a good option to use OWASP Zap instead for testing security in web applications?
Let the community know what you think. Share your opinions now!