17

I've been using Burp Intruder (part of Burp Suite), but in the free edition of Burp Suite the Intruder functionality is time-throttled. As a student pen tester, however, I can't justify the cost of $300 a year for the Burp Suite Professional Edition.

I know there are other great intercepting proxies out there (OWASP ZAP), but I'm after something specifically that simulates the Burp Intruder core functionality, mainly the login validation checks via either 'pitchfork' methods.

It doesn't need to be integrated as part of an intercepting proxy suite; a standalone tool is fine also. It must be free or very low cost.

Any suggestions?

Peleus

7 Answers

23

There are a lot of free tools out there. You may not find a free tool with the exact same functionality as Burp, but you could use several tools to compensate for the limitations of Burp's free version.

  • use OWASP ZAP or WebScarab for their proxy functionality.
  • use Nikto and W3AF to scan web applications.
  • use SQLMap to exploit SQL injection vulnerabilities.
  • use XSSer to detect and exploit XSS vulnerabilities.
  • use Powerfuzzer to fuzz parameters
  • use online encoder/decoders
  • use DirBuster to find hidden resources

All the tools mentioned above and several others are by default installed in recent Backtrack releases.

If you are looking for a tool that is closest in functionality to the Intruder, then I think that Wfuzz with its WebSlayer GUI is the one to try.

Dinu
  • Thank you for your response. While I appreciate the list of alternate tools for other functions of the burp suite, unfortunately it doesn't address as far as I can see the core function being asked about; intruder. – Peleus Feb 27 '13 at 18:53
  • I edited the answer, considering your observation. – Dinu Feb 27 '13 at 19:37
  • Much appreciated, I'll certainly check it out. – Peleus Feb 27 '13 at 21:04
1

Take a look at CAT (Context Application Test) Tool. It's written by an application security consultancy in the UK.

It has functionality very similar to Burp (intruder, proxy, repeater, fuzzer), it also has an API so you can develop your own plugins.

http://www.contextis.com/research/tools/cat/

fixulate
0

You can use J-BAAh: just copy the request from Burp and replace the parameter with ##1##, where 1 represents the parameter number.

It is open source and available on GitHub.

Mohammad
0

Everyone is going to have an idea or two. Listen to me: I have been using Burp Free since 2003 -- I have been using Burp Suite Professional since 2008. I love Burp Suite and its many contributions.

The only one tool worth its weight against Burp Suite that is fully free, open-source software is Arachni. You can use it as a proxy, but it also has the most powerful crawler and the most powerful vulnerability assessment engine.

Some other suggestions might be Fiddler (which has its own free Intruder plugin, and many other plugins albeit harder to find than Burp Suite extensions), as well as sqlmap, NoSQLMap, commix, liffy, CMSMap, gitdigger, and clusterd. For crippleware, try Netsparker's demo or find an older version of its Community Edition -- but I warn you: it will leave you wanting the full version just as badly as you do Burp Suite Professional!

atdre
  • I do not like OWASP ZAP because it only found one vuln that other tools did not find faster over the course of my 12 years of testing. I do not like the look and feel of it. – atdre Sep 17 '15 at 20:08
  • I do not like Context App Tool because I found it to be jumpy. I did like the functionality and feel of it -- just wish it was rewritten to be more stable and better performing under high load. – atdre Sep 17 '15 at 20:09
  • http://www.darknet.org.uk/2017/03/kadimus-lfi-scanner-exploitation-tool/ – atdre Mar 24 '17 at 21:09
0

I don't know if you are aware of the OWASP Live CD; here is the link as well (http://appseclive.org/content/downloads). It has an excellent list of open-source proxies. Some of the tools are given in the list here.

https://www.owasp.org/index.php/Category:Vulnerability_Scanning_Tools

Saladin
0

It may sound like a marketing trick; however, to be honest, nothing has come up in the market that can match Burp. Burp actually addresses the shortcomings of all the other major HTTP proxies of the past, be it WebScarab, Paros or others. However, you can try Charles Proxy or keep using the free edition with fuzzdb (download from Google Code), and maybe Fiddler too.

For Intruder capabilities only, you can always use the https://code.google.com/p/fuzzdb files rotated against certain parameters with a shell/Python script. Not only will it help you get a better grasp of manual pen testing, it will also make you proficient in scripting languages at the same time. Once you start doing this it's not a big job. Otherwise there are loads of the usual scanners you can point and click.

user20996
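An added example, not part of the original thread and not J-Baah's or Burp's code: the offline core of the payload-rotation script suggested above, filling `##n##` positions (the marker syntax from Mohammad's answer) in pitchfork versus cluster-bomb order and URL-encoding each payload. The request, the host `lab.example`, the payload lists and all function names are constructed for illustration.

```python
import itertools
import re
from urllib.parse import quote

MARKER = re.compile(r"##(\d+)##")  # position syntax as described in the thread
# Constructed sample request and payload sets for a lab login form.
TEMPLATE = (
    "POST /login HTTP/1.1\r\n"
    "Host: lab.example\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "\r\n"
    "user=##1##&pass=##2##"
)
USERS = ["alice", "bob", "carol"]
PASSWORDS = ["Winter2013!", "p&ss=1"]


def positions(template):
    # Sorted, de-duplicated marker numbers used in the template.
    return sorted({int(n) for n in MARKER.findall(template)})


def fill(template, values):
    """Substitute one payload per marker, URL-encoding each value."""
    def sub(match):
        return quote(values[int(match.group(1))], safe="")
    return MARKER.sub(sub, template)


def expand(template, payload_sets, mode="pitchfork"):
    """Yield filled requests; payload_sets maps marker number -> list."""
    nums = positions(template)
    missing = [n for n in nums if n not in payload_sets]
    if missing:
        raise ValueError(f"no payload set for position(s) {missing}")
    lists = [payload_sets[n] for n in nums]
    # pitchfork = lockstep, stops at the shortest set; else all combinations
    combos = zip(*lists) if mode == "pitchfork" else itertools.product(*lists)
    for combo in combos:
        yield fill(template, dict(zip(nums, combo)))


def bodies(mode):
    """Request bodies only, to compare the two modes side by side."""
    sets = {1: USERS, 2: PASSWORDS}
    return [r.split("\r\n\r\n", 1)[1] for r in expand(TEMPLATE, sets, mode)]


if __name__ == "__main__":
    print(bodies("pitchfork"), bodies("clusterbomb"), sep="\n")
```

Pitchfork yields two requests here because the shorter payload list has two entries, while cluster bomb yields all six combinations; without the encoding step the `&` and `=` in the second password would split the form body into extra parameters.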
0

You could also try wfuzz (http://www.edge-security.com/wfuzz.php). It is especially useful as you can tunnel its connection to the Burp proxy and have everything show up in Burp's history.