Top 30+ Burp Suite Interview Questions & Answers


What is Burp Suite?

Burp, or Burp Suite, is a set of tools used for penetration testing of web applications. It is developed by the company PortSwigger, which is also the alias of its founder, Dafydd Stuttard. Burp Suite aims to be an all-in-one toolset, and its capabilities can be extended by installing add-ons called BApps.
It is the most popular tool among professional web application security researchers and bug bounty hunters. Its ease of use makes it a more suitable choice than free alternatives such as OWASP ZAP. Burp Suite is available as a free Community edition, a Professional edition that costs $399/year, and an Enterprise edition that costs $3999/year. This article gives a brief introduction to the tools offered by Burp Suite. If you are a complete beginner in web application pentesting, web app hacking, or bug bounty hunting, we recommend reading through without dwelling too much on any single term.


The tools offered by Burp Suite are:

1. Spider:

It is a web spider/crawler that is used to map the target web application. The objective of the mapping is to get a list of endpoints so that their functionality can be observed and potential vulnerabilities can be found. Spidering is done for a simple reason: the more endpoints you gather during recon, the more attack surface you have to examine during the actual testing.

2. Proxy:

Burp Suite contains an intercepting proxy that lets the user see and modify the contents of requests and responses while they are in transit. It also lets the user send the request/response under inspection to another relevant tool in Burp Suite, removing the burden of copy-paste. The proxy listener can be configured to run on a specific loopback IP address and port. The proxy can also be configured to filter out specific types of request/response pairs.

3. Intruder:

It is a fuzzer. It is used to run a set of values through an input point. The values are sent and the output is observed for success/failure and content length. Usually, an anomaly shows up as a change in the response code or in the content length of the response. Burp Suite allows brute-force, dictionary file, and single values as payloads for each payload position. Intruder is used for:

  • Brute-force attacks on password forms, PIN forms, and other such forms.
  • Dictionary attacks on password forms and on fields suspected of being vulnerable to XSS or SQL injection.
  • Testing and attacking rate limiting on the web app.

4. Repeater:

Repeater lets a user send requests repeatedly with manual modifications. It is used to find out:

  • Whether user-supplied values are being validated.
  • If user-supplied values are being validated, how well is it being done?
  • What values is the server expecting in an input parameter or request header?
  • How does the server handle unexpected values?
  • Is input sanitization being applied by the server?
  • How well does the server sanitize user-supplied input?
  • What sanitization style is the server using?
  • Among all the cookies present, which one is the actual session cookie?
  • How is CSRF protection implemented, and is there a way to bypass it?

5. Sequencer:

The Sequencer is an entropy checker that tests the randomness of tokens generated by the web server. These tokens are generally used for authentication in sensitive operations; session cookies and anti-CSRF tokens are examples. Ideally, these tokens must be generated in a fully random manner so that the probability of each possible character appearing at a given position is uniformly distributed. This should hold both bit-wise and character-wise. An entropy analyzer tests this hypothesis. It works like this: initially, the tokens are assumed to be random. Then the tokens are tested for certain characteristics. A significance level is defined as the minimum probability a token must exhibit for a characteristic; if the observed probability for a characteristic falls below the significance level, the hypothesis that the token is random is rejected. This tool can be used to find weak tokens and enumerate how they are constructed.
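The hypothesis-testing idea above, as an added example (not Burp's own Sequencer code): each character position of a constructed token sample is assumed random, a chi-square statistic is computed against a uniform distribution over the observed alphabet, and the position is reported as weak when the statistic exceeds the critical value for the chosen significance level. The critical value uses the Wilson-Hilferty approximation, and the sample tokens (hex strings with an optional fixed prefix to model a weak generator) are constructed here.

```python
# Simplified position-wise randomness check in the spirit of Burp Sequencer.
# Added example, not Burp's own code; all tokens below are constructed locally.
import math
import random
import statistics
from collections import Counter


def chi_square_critical(df, alpha):
    """Approximate chi-square critical value (Wilson-Hilferty), adequate for df >= ~5."""
    z = statistics.NormalDist().inv_cdf(1.0 - alpha)
    return df * (1.0 - 2.0 / (9.0 * df) + z * math.sqrt(2.0 / (9.0 * df))) ** 3


def analyse_positions(tokens, alpha=0.01):
    """Null hypothesis: every character position is uniform over the observed alphabet.
    Returns one (chi2, shannon_entropy_bits, rejected) tuple per position."""
    n = len(tokens)
    length = len(tokens[0])
    if any(len(t) != length for t in tokens):
        raise ValueError("all tokens must have the same length")
    alphabet = sorted({c for t in tokens for c in t})
    expected = n / len(alphabet)                      # count expected under uniformity
    critical = chi_square_critical(len(alphabet) - 1, alpha)
    results = []
    for pos in range(length):
        counts = Counter(t[pos] for t in tokens)
        chi2 = sum((counts.get(c, 0) - expected) ** 2 / expected for c in alphabet)
        entropy = -sum((k / n) * math.log2(k / n) for k in counts.values())
        results.append((chi2, entropy, chi2 > critical))  # rejected => weak position
    return results


def weak_positions(tokens, alpha=0.01):
    """Indices of positions where the randomness hypothesis is rejected."""
    return [i for i, (_, _, rej) in enumerate(analyse_positions(tokens, alpha)) if rej]


def make_tokens(n, prefix="", seed=1234):
    """Constructed sample: 16-hex-char tokens; a fixed prefix models a weak generator."""
    rng = random.Random(seed)
    body = 16 - len(prefix)
    return [prefix + "".join(rng.choice("0123456789abcdef") for _ in range(body))
            for _ in range(n)]


if __name__ == "__main__":
    for label, toks in (("random", make_tokens(500)), ("weak", make_tokens(500, "a1b2"))):
        print(label, "weak positions at alpha=0.01:", weak_positions(toks))
```

A constant prefix shows up as zero entropy at those positions, while the remaining positions should pass at the chosen alpha except for the occasional false rejection the significance level allows.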

6. Decoder:

Decoder supports the common encoding methods such as URL, HTML, Base64, Hex, etc. This tool comes in handy when looking for chunks of encoded data in parameter values or headers. It is also used for payload construction for various vulnerability classes, and to uncover basic cases of IDOR and session hijacking.

7. Extender:

Burp Suite allows external components to be integrated into the tool suite to enhance its capabilities. These external components are called BApps. They work much like browser extensions and can be viewed, modified, installed, and uninstalled in the Extender window. Some of them are supported on the Community edition, but some require the paid Professional edition.

8. Scanner:

The Scanner is not available in the Community edition. It scans the website automatically for many common vulnerabilities and lists them with a confidence rating for each finding and the complexity of exploiting it. It is updated regularly to include new and lesser-known vulnerabilities.


Burp Suite MCQ Interview Questions and Answers

Q.1 HTTP uses which of the following handshake mechanisms?

A. Intruder

B. Sequencer

C. TLS Handshake

D. SSL Handshake

Ans : TLS Handshake

Q.2 Which of the following components of Burp Suite enables testing the randomness of session tokens?

A. Sequencer

B. Scanner

C. Analyser

D. Intruder

Ans : Sequencer

Q.3 The request body can be changed in the “HTTP History” tab.

A. True

B. False

Ans : False

Q.4 HTTP is a stateless protocol. How does HTTP achieve this?

A. HTTP Cookies

B. Variables

C. URL rewriting

D. Server Side Sessions

E. All the above options

Ans : All the above options

Q.5 Under which subtab of the Proxy tab are proxy details configured to be the same as the browser proxy, so that both request and response can be captured?

A. Options

B. Intercept

C. HTTP History

D. WebSockets History

Ans : Options

Q.6 Which of the following is used to automatically identify flaws?

A. Sequencer

B. Scanner

C. Comparer

D. Target

Ans : Sequencer

Q.7 If there are five payloads with three parameters each, how many requests will a sniper make?

A. Five

B. One

C. Three

D. Fifteen

Ans : Fifteen

Q.8 Intercept can be used to change a request body.

A. True

B. False

Ans : True

Q.9 You can check the response in Intercept tab.

A. True

B. False

Ans : False

Q.10 Which of the following Intruder attack types use a single payload set?

A. Sniper and Battering Ram

B. Pitchfork

C. Cluster Bomb and Battering Ram

D. Pitchfork and Cluster Bomb

Ans : Pitchfork and Cluster Bomb

Q.11 Which of the following Intruder attack types uses a single payload set, enumerating all the parameters in a single request with the same payload?

A. Battering Ram

B. Cluster Bomb

C. Sniper

D. Pitchfork

Ans : Battering Ram

Q.12 Spidering is also known as ____________.

A. Crawling

B. Sequencing

C. Scanning

D. Intruding

Ans : Crawling

Q.13 Which of the following can perform all possible combinations of attacks?

A. Sniper

B. Battering Ram

C. Pitchfork

D. Cluster Bomb

Ans : Cluster Bomb

Q.14 Which of the following is used for manual footprinting?

A. Target

B. Proxy

C. Spider

D. All of these

Ans : Target

Q.15 Which of the following options describes the “Action” control on the panel for an intercepted request?

A. It is used to check the proxy history and on the intercepted responses

B. This shows a menu of available actions that can be performed on the currently displayed message

C. It is used to abandon the message so that it is not forwarded

D. It is used to review and edit the message to send the message on to the server or browser

Ans : This shows a menu of available actions that can be performed on the currently displayed message

Q.16 What is the task of the Forward control when intercepting a Burp Suite request?

A. Edits the message

B. Adds a comment to enable easy identification later

C. Displays a menu of available actions that can be performed on the currently displayed message

D. Toggles all interceptions

Ans : Edits the message

Q.17 Where can responses be viewed in Burp Suite?

A. HTTP History

B. Intercept Tab

C. Option Tab

D. None of the options

Ans : Intercept Tab

Q.18 What happens when Intercept is off?

A. The request will hit the Proxy

B. The request will hit the server

C. Hit the proxy

Ans : The request will hit the server

Q.19 Which of the following statements is true about a cluster bomb attack?

A. Cluster bomb attacks iterate through all payload sets simultaneously

B. It uses multiple payload sets, and the total number of requests generated by the attack is the product of the number of payloads

C. It uses multiple payload sets

D. The total number of requests generated by the attack is the product of the number of payloads

Ans : It uses multiple payload sets

Q.20 What is the task of the Comment control when intercepting a Burp Suite request?

A. Adds a comment to enable easy identification later

B. Edits the message

C. Displays a menu of available actions that can be performed on the currently displayed message

D. Toggles all interceptions

Ans : Displays a menu of available actions that can be performed on the currently displayed message

Q.21 Which of the following attack types works with a single payload set?

A. Cluster Bomb

B. Pitchfork

C. Battering Ram

D. None of the options

Ans : Battering Ram

Q.22 The “HTTP History” tab captures all host URLs.

A. True

B. False

Ans : True

Q.23 A site map helps to capture a specified URL.

A. True

B. False

Ans : True

Q.24 What is the role of a Sequencer in request manipulation in Burp Suite?

A. Check the strength of random values

B. Check the strength of random values, and define the application’s status in terms of sessions

C. Define the application’s status in terms of sessions

D. Maintain the application performance for virus security

Ans : Define the application’s status in terms of sessions

Q.25 Which of the following options identifies flaws automatically?

A. Sequencer

B. Scanner

C. Comparer

D. Target

Ans : Sequencer

Q.26 When Intercept is on, the request will hit the _______.

A. Server

B. Burp Proxy

C. None of the options

Ans : Burp Proxy

Q.27 What are the steps to be taken when Burp does not intercept HTTPS requests?

A. Check browser configuration

B. Request additional memory for Burp by starting Burp from the command line using the -Xmx argument

C. Install Burp’s CA certificate in the browser

D. Run the Burp scanner multiple times

Ans : Install Burp’s CA certificate in the browser

Q.28 Comparer can be used to compare both words and bytes.

A. True

B. False

Ans : True

Q.29 When Intercept is on, you can:

A. drop a request

B. forward a request

C. both option A & B

D. none of the above

Ans : both option A & B

Q.30 The request body can be changed in the HTTP History tab.

A. True

B. False

Ans : False

Q.31 The “S” in HTTPS stands for:

A. security

B. surety

C. secure

D. safety

Ans : security

Q.32 Which of the following components of Burp Suite is used to inspect and modify traffic between a browser and the target application?

A. Spider

B. Proxy

C. Intruder

D. Scanner

Ans : Proxy

Q.33 Which of the following Intruder attack types use multiple payload sets?

A. Sniper and Battering Ram

B. Pitchfork

C. Cluster Bomb and Battering Ram

D. Pitchfork and Cluster Bomb

Ans : Pitchfork and Cluster Bomb

Q.34 Which of the following applies to extending Burp Proxy?

A. for testing multiple extensions

B. it is used to modify the http request easily

C. it is better to be used in web application hacking

D. all of the above

Ans : all of the above

Q.35 The session and token IDs can be changed by using Sequencer.

A. True

B. False

Ans : False

Q.36 Which of the following Burp Suite tools is used for web application mapping?

A. Scanner

B. Proxy

C. Spider

D. None

Ans : Spider

Q.37 If there are eight payloads with two parameters each, how many requests will a battering ram make?

A. 24

B. 1

C. 2

D. 8

Ans : 8

Q.38 What is the role of the “Do intercept” command for HTTP messages?

A. It displays the HTTP status code of the current request

B. It is responsible for interception of the request

C. It enables to quickly add an interception rule and prevent future interception of messages

D. none of the above

Ans : It is responsible for interception of the request

Q.39 The SSL handshake is used in HTTP.

A. True

B. False

Ans : False


About Author


After years of technical work, I feel like an expert when it comes to developing WordPress websites. Check out How to Create a WordPress Website in 5 Mins and Earn Money Online. Follow me on Facebook for all the latest updates.