
Burp Suite — Web Application Testing Proxy

Burp Suite CLI tools and key workflows for web application security testing.

lazyhackers, Apr 2026
Burp CLI & Startup (4)

  java -jar burpsuite_community.jar
      Start Burp Suite Community
      tags: start

  java -Xmx2g -jar burpsuite_pro.jar
      Start Burp Pro with a 2 GB heap
      tags: start pro

  java -jar burpsuite_pro.jar --project-file=project.burp
      Open an existing project file
      tags: project

  java -jar burpsuite_pro.jar --config-file=config.json
      Load configuration from a file
      tags: config
Proxy & Intercept (4)

  curl -x http://127.0.0.1:8080 http://target.com/api/endpoint
      Send a curl request through the Burp proxy
      tags: proxy curl

  curl -x http://127.0.0.1:8080 -k https://target.com/api
      HTTPS request through Burp (-k skips certificate verification, needed unless Burp's CA certificate is trusted by curl)
      tags: proxy https

  export http_proxy=http://127.0.0.1:8080; export https_proxy=http://127.0.0.1:8080
      Set Burp as the proxy for every tool in the shell that honours the http_proxy/https_proxy environment variables
      tags: proxy env

  python3 script.py --proxy http://127.0.0.1:8080
      Route a Python script through Burp (assumes the script accepts a --proxy option)
      tags: proxy python
Intruder Attack Types (4)

  # Sniper — single payload position cycled through wordlist
      One position at a time, one wordlist (username enumeration, fuzzing)
      tags: intruder sniper

  # Battering Ram — same payload in ALL positions simultaneously
      Same payload everywhere (user=FUZZ&pass=FUZZ)
      tags: intruder battering-ram

  # Pitchfork — different wordlists per position, paired rows
      Paired lists (user list + password list, row by row)
      tags: intruder pitchfork

  # Cluster Bomb — all combinations of all wordlists
      Full combination attack (every user x every password)
      tags: intruder cluster-bomb bruteforce
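As an added example (not part of the cheatsheet and not Burp's own code), the four attack types above as Python generators over a constructed request body, using a hypothetical §name:base§ marker syntax in place of Burp's § markers; request_counts shows how many requests each mode produces for given wordlist sizes, which is the volume a rate limit or failed-login alert has to absorb.

```python
import math
import re
from itertools import product
from typing import Dict, Iterator, Sequence

# Constructed marker syntax: §name:base§ marks a payload position; `base` is
# the original value a position keeps whenever the current mode does not fuzz it.
MARK = re.compile(r"§(\w+):([^§]*)§")
# Constructed demo body with two positions, the user=FUZZ&pass=FUZZ case above.
TEMPLATE = "user=§u:guest§&pass=§p:guest§"

def positions(template: str) -> Dict[str, str]:
    """Position names mapped to their base values, in order of appearance."""
    return dict(MARK.findall(template))

def fill(template: str, values: Dict[str, str]) -> str:
    """Render the template; positions missing from `values` keep their base."""
    return MARK.sub(lambda m: values.get(m.group(1), m.group(2)), template)

def sniper(template: str, payloads: Sequence[str]) -> Iterator[str]:
    """One wordlist, one position at a time; other positions keep their base."""
    for name in positions(template):
        for p in payloads:
            yield fill(template, {name: p})

def battering_ram(template: str, payloads: Sequence[str]) -> Iterator[str]:
    """The same payload placed into every position simultaneously."""
    names = list(positions(template))
    for p in payloads:
        yield fill(template, {n: p for n in names})

def pitchfork(template: str, lists: Dict[str, Sequence[str]]) -> Iterator[str]:
    """One wordlist per position, walked row by row; stops at the shortest list."""
    names = list(lists)
    for row in zip(*(lists[n] for n in names)):
        yield fill(template, dict(zip(names, row)))

def cluster_bomb(template: str, lists: Dict[str, Sequence[str]]) -> Iterator[str]:
    """Cartesian product of all lists: every payload against every other."""
    names = list(lists)
    for combo in product(*(lists[n] for n in names)):
        yield fill(template, dict(zip(names, combo)))

def request_counts(template: str, sizes: Sequence[int]) -> Dict[str, int]:
    """Requests per mode given one wordlist per position (sizes in order)."""
    n = len(positions(template))
    return {"sniper": n * sizes[0], "battering_ram": sizes[0],
            "pitchfork": min(sizes), "cluster_bomb": math.prod(sizes)}
```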
Repeater & Decoder (4)

  # Ctrl+R — Send request to Repeater
      Send the intercepted request to Repeater for manual testing
      tags: repeater shortcut

  # Ctrl+I — Send request to Intruder
      Send to Intruder for an automated attack
      tags: intruder shortcut

  # Ctrl+Shift+U — URL decode selected text
      URL decode in Decoder or Repeater (Ctrl+U URL-encodes)
      tags: decoder shortcut

  # Ctrl+Shift+B — Base64 decode selected text
      Base64 decode in Decoder or Repeater (Ctrl+B Base64-encodes)
      tags: decoder shortcut
Scanner & Active Scan (Pro) (3)

  burp scan --project-file=project.burp --url=http://target.com
      Run an active scan via the Burp Pro CLI
      tags: scan pro

  # Right-click request → Scan → Active Scan
      Launch an active scan on a specific request
      tags: scan

  # Dashboard → New Scan → URL-based scan
      Crawl and audit the full target
      tags: scan crawl
Useful Extensions (BApp Store) (8)

  # Logger++ — Advanced logging and search across all requests
      Better request logging with filtering
      tags: extension logging

  # Autorize — Detect authorization/IDOR issues automatically
      Replays requests with lower-privilege tokens
      tags: extension idor authz

  # JWT Editor — Decode, modify, attack JWT tokens
      JWT manipulation and algorithm confusion
      tags: extension jwt

  # Param Miner — Discover hidden/unlinked parameters
      Find hidden GET/POST/header params
      tags: extension params

  # Active Scan++ — Enhanced active scanning checks
      Additional vulnerability checks for the Pro Scanner
      tags: extension scan

  # CORS* — Detect CORS misconfigurations
      Automated CORS vulnerability testing
      tags: extension cors

  # Hackvertor — Encodings/transforms with tags in requests
      Dynamic payload transforms inline in Repeater
      tags: extension encoding

  # Upload Scanner — Test file upload vulnerabilities
      Automated file upload testing
      tags: extension upload