← Back to search

Analyze Requests with Burp Suite

reconchecklist

Summary

Test every function: LFI, SQLi, IDOR, mass assignment, business logic.

Walkthrough

Proxy traffic through Burp and test every parameter and workflow for common web flaws. A hit is any anomalous response, access-control bypass, or injection point worth exploiting further.