Burp Proxy is a tool used for attacking and examining web applications. It works as an interactive HTTP/S proxy server.
With Burp Proxy, you can find and exploit application vulnerabilities by monitoring and manipulating critical parameters and other data transmitted by the application. Whether you're looking to perform SQL injection, cookie subversion, privilege escalation, session hijacking, directory traversal, or buffer overflows, Burp Proxy has you covered.
Some of Burp Proxy's key features include a full HTTP and HTTPS proxy server, text and hex-editing of intercepted traffic, detailed analysis and rendering of all requests and responses, full history of all requests, modifications and responses, fine-grained rules governing interception of requests and responses, and more. Additionally, it integrates fully with other Burp Suite tools and supports downstream proxy servers and authentication to downstream proxy and web servers.
Burp Proxy is also highly extensible via the IBurpExtender interface, and runs on both Linux and Windows. To use it, you'll need Java Runtime Environment 1.5 or later (tested with JRE 6 on Ubuntu 7.10).
Overall, if you're in the market for a strong, versatile tool for testing and attacking web applications, Burp Proxy is definitely worth checking out. Plus, with its regular updates and new features (such as improved analysis and rendering of HTTP requests and responses, support for custom client and server SSL certificates, interception rules based on parameter names and values, and more), Burp Proxy just keeps getting better and better.
Version 1.4: N/A