To begin our bug bounty, we need a tool that most ethical hackers use: one that captures requests and their values, which are hidden from the naked eye.
In Burp Suite we can perform many attacks, such as capturing headers and modifying variables:
we can perform brute force attacks,
we can perform CORS-based request attacks,
we can find out where the request was sent and the response was received, and much more.
Burp Suite is a popular tool that is widely used by ethical hackers and bug bounty hunters for security testing of web applications. It has various tools that work together to support the entire testing process, from initial mapping and analysis of an application's attack surface through to finding and exploiting security vulnerabilities.
Burp is easy to use and gives administrators full control to combine advanced manual techniques with automation for efficient testing. Burp can be easily configured, and it contains features to assist even the most experienced testers with their work.
Using Burp Suite we can perform major exploitations such as brute force and SQL injection; we can even deface a website using Burp Suite request capturing.
https://portswigger.net/burp/communitydownload