Hacking Your Own Website

When it comes to web application security testing, there are few tools that can match BurpSuite by Portswigger. In 2013 at the HackMiami "Pen-Test Tool Shootout", BurpSuite was confirmed as best value web security scanner. While many of its users are security professionals, BurpSuite has a lot of value to offer throughout the development lifecycle. As a developer I have used BurpSuite over the last few years to test many websites and various SOAP and RESTful APIs. In this talk we will quickly look at how to get up and running with the tool before moving to a demonstration against a local vulnerable web application where we will cover uses of the tool for finding common security vulnerabilites and how to create targeted attacks specific to our application. We will also briefly cover the BurpSuite extension interface and the new BApp Store. http://blog.portswigger.net/2013/06/burp-suite-confirmed-as-best-value-web.html