当前位置:网站首页>"WEB Security Penetration Testing" (28) Burp Collaborator-dnslog out-band technology
"WEB Security Penetration Testing" (28) Burp Collaborator-dnslog out-band technology
2022-08-05 00:20:00 【Stargazing at midnight】
1.What is Burp Collaborator
What is Burp Collaborator?It is a module that is carried by default in the new version of the penetration testing tool BurpSuite. It is a client. We can use BurpSuite to configure the outboard server for us. We can use the default carried by BurpSuite, or we can use our own private cloud server.
Having said so much, you may not understand what it is?
In fact, it is a DNSlog take-out tool. As long as you are doing network security, you should know http://dnslog.cn/ and http://www.ceye.io/ these two platforms, they are free DNSlog platforms, we can use them to monitor DNS resolution records and HTTP access records, which is very helpful for us to verify some vulnerabilities.
2.Burp Collaborator use
(1) Open BurpSuite, select "Project options" in the first step, "Misc" in the second step, and "Use the default Collaborator server" in the third step (use the default configured take-out server, if you want to use your ownThe server can be freely configured below), the fourth step is to click "Run health check.." to test whether the take-out server can work normally.
(2) Now go to start the client and select "Burp" under "Burp"
边栏推荐
- MVCC是什么
- 【LeetCode】双指针题解汇总
- oracle创建用户以后的权限问题
- QSunSync 七牛云文件同步工具,批量上传
- 软件测试面试题:关于自动化测试工具?
- Statistical words (DAY 101) Huazhong University of Science and Technology postgraduate examination questions
- #yyds dry goods inventory #Switching equipment serious packet loss troubleshooting
- Flask框架 根据源码分析可扩展点
- SV 类的虚方法 多态
- Implementation principle of golang coroutine
猜你喜欢
Getting started with 3D modeling for games, what modeling software can I choose?
【LeetCode】滑动窗口题解汇总
QSunSync Qiniu cloud file synchronization tool, batch upload
MAUI Blazor 权限经验分享 (定位,使用相机)
英特尔WiFi 7产品将于2024年亮相 最高速度可达5.8Gbps
leetcode: 266. All Palindromic Permutations
Metasploit-域名上线隐藏IP
redis可视化管理软件Redis Desktop Manager2022
电赛必备技能___定时ADC+DMA+串口通信
典型相关分析CCA计算过程
随机推荐
【idea】idea配置sql格式化
SQL association table update
The applicable scenarios and common product types of the KT148A electronic voice chip ic solution
#yyds dry goods inventory #Switching equipment serious packet loss troubleshooting
tiup telemetry
软件测试面试题:BIOS, Fat, IDE, Sata, SCSI, Ntfs windows NT?
【数据挖掘概论】数据挖掘的简单描述
could not build server_names_hash, you should increase server_names_hash_bucket_size: 32
情侣牵手[贪心 & 抽象]
软件测试面试题:网络七层协仪具体?
.net (C#) get year month day between two dates
tiup update
Brainstorm: Complete Backpack
Flask框架 根据源码分析可扩展点
性能测试如何准备测试数据
gorm联表查询-实战
lua 如何 实现一个unity协程的工具
动态上传jar包热部署
oracle创建用户以后的权限问题
IDEA 文件编码修改