I am new to web pentesting and I want to know what web applications can I use burp suite on. As far as I know, A damn vulnerable web application is one of them. I don't want to get in any trouble by doing random tests.
Web applications to use burp suite on
313 Views Asked by shade1337 At
2
There are 2 best solutions below
0
On
To learn web penetration testing, there are a lot of ressources out there.
To make sure you don't intrude anywhere that you are not allowed to, stick to CTF platforms/sites.
Some examples are:
There are many more like this out there!
In addition to that, you could also take a look at Vulnhub where people upload VMs as challenges for penetration testers. If you are downloading and starting VMs from strangers, make sure to take some precautions (isolate them in a lab-network without access to your normal lan etc) to stay safe.
Not every CTF challenge will need BurpSuite though, but you'll quickly find out - if a scan for TCP/80 and TCP/443 turns up nothing, move on to the next. (Or dive in deeper, if you like)
In a lot of our testing and tutorials we use OWASP Broken Web Apps. This will give you a range of targets to get started on.