当前位置:网站首页>"WEB Security Penetration Testing" (28) Burp Collaborator-dnslog out-band technology
"WEB Security Penetration Testing" (28) Burp Collaborator-dnslog out-band technology
2022-08-05 00:20:00 【Stargazing at midnight】
1.What is Burp Collaborator
What is Burp Collaborator?It is a module that is carried by default in the new version of the penetration testing tool BurpSuite. It is a client. We can use BurpSuite to configure the outboard server for us. We can use the default carried by BurpSuite, or we can use our own private cloud server.
Having said so much, you may not understand what it is?
In fact, it is a DNSlog take-out tool. As long as you are doing network security, you should know http://dnslog.cn/ and http://www.ceye.io/ these two platforms, they are free DNSlog platforms, we can use them to monitor DNS resolution records and HTTP access records, which is very helpful for us to verify some vulnerabilities.
2.Burp Collaborator use
(1) Open BurpSuite, select "Project options" in the first step, "Misc" in the second step, and "Use the default Collaborator server" in the third step (use the default configured take-out server, if you want to use your ownThe server can be freely configured below), the fourth step is to click "Run health check.." to test whether the take-out server can work normally.
(2) Now go to start the client and select "Burp" under "Burp"
边栏推荐
- oracle创建用户以后的权限问题
- Three tips for you to successfully get started with 3D modeling
- 元宇宙:未来我们的每一个日常行为是否都能成为赚钱工具?
- 导入JankStats检测卡帧库遇到问题记录
- oracle创建表空间
- How to burn the KT148A voice chip into the chip through the serial port and the tools on the computer
- #yyds dry goods inventory #Switching equipment serious packet loss troubleshooting
- 【LeetCode】滑动窗口题解汇总
- [LeetCode] Summary of Matrix Simulation Related Topics
- Mathematical Principles of Matrix
猜你喜欢
leetcode: 266. All Palindromic Permutations
Couple Holding Hands [Greedy & Abstract]
Mysql_14 存储引擎
First, the basic concept of reptiles
数据类型及输入输出初探(C语言)
"Relish Podcast" #397 The factory manager is here: How to use technology to empower the law?
典型相关分析CCA计算过程
Handwritten Distributed Configuration Center (1)
仿网易云音乐小程序-uniapp
could not build server_names_hash, you should increase server_names_hash_bucket_size: 32
随机推荐
Senior game modelers tell newbies, what are the necessary software for game scene modelers?
canvas 高斯模糊效果
"Relish Podcast" #397 The factory manager is here: How to use technology to empower the law?
Cloud native - Kubernetes 】 【 scheduling constraints
oracle创建表空间
2022牛客多校训练第二场 L题 Link with Level Editor I
性能测试如何准备测试数据
2022杭电多校 第三场 B题 Boss Rush
Essential knowledge for entry-level 3D game modelers
leetcode:269. 火星词典
ARC129E Yet Another Minimization 题解 【网络流笔记】
gorm的Raw与scan
Detailed explanation of common DNS resource record types
tiup status
软件测试面试题:负载测试、容量测试、强度测试的区别?
The applicable scenarios and common product types of the KT148A electronic voice chip ic solution
leetcode经典例题——单词拆分
[CVA Valuation Training Camp] Financial Modeling Guide - Lecture 1
2022牛客多校训练第二场 J题 Link with Arithmetic Progression
"No title"