"WEB Security Penetration Testing" (28) Burp Collaborator-dnslog out-band technology

1.What is Burp Collaborator

What is Burp Collaborator?It is a module that is carried by default in the new version of the penetration testing tool BurpSuite. It is a client. We can use BurpSuite to configure the outboard server for us. We can use the default carried by BurpSuite, or we can use our own private cloud server.

Having said so much, you may not understand what it is?

In fact, it is a DNSlog take-out tool. As long as you are doing network security, you should know http://dnslog.cn/ and http://www.ceye.io/ these two platforms, they are free DNSlog platforms, we can use them to monitor DNS resolution records and HTTP access records, which is very helpful for us to verify some vulnerabilities.

2.Burp Collaborator use

(1) Open BurpSuite, select "Project options" in the first step, "Misc" in the second step, and "Use the default Collaborator server" in the third step (use the default configured take-out server, if you want to use your ownThe server can be freely configured below), the fourth step is to click "Run health check.." to test whether the take-out server can work normally.

(2) Now go to start the client and select "Burp" under "Burp"