Burp Suite

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.

Burp is easy to use and intuitive, allowing new users to begin working right away. Burp is also highly configurable, and contains numerous powerful features to assist the most experienced testers with their work

Burp Suite is available on a subscription basis for $349 per year. Pricing details can be found here

Features

• An intercepting Proxy, which lets you inspect and modify traffic between your browser and the target application.
• An application-aware Spider, for crawling content and functionality.
• An advanced web application Scanner, for automating the detection of numerous types of vulnerability.
• An Intruder tool, for performing powerful customized attacks to find and exploit unusual vulnerabilities.
• A Repeater tool, for manipulating and resending individual requests.
• A Sequencer tool, for testing the randomness of session tokens.
• The ability to save your work and resume working later.
• Extensibility, allowing you to easily write your own plugins, to perform complex and highly customized tasks within Burp.

New:

• Adds a new feature to save a copy of the current project. You can choose the tools whose data you want to be included in the project file and whether you only want to save in-scope items.
• You can begin working in a temporary project, and later save it to disk if it proves useful.
• You can save a live backup copy of a disk-based project while continuing to work.
• You can save a smaller copy of a project after refining your target scope or deleting unnecessary data.
• Note that after Burp saves the copy of the current project, it continues working in the current project. If you want to switch to using the newly saved copy, you will need to restart Burp and select the new project file at startup.

Bug Fixes:

• A bug that caused SNI not to work with upstream HTTP proxy servers.
• A bug that caused the Burp Infiltrator patcher to cause bytecode corruption, or fail to patch at all, when certain unusual bytecode features were encountered.
• A bug that could cause remembered user settings to be lost if the user closed down Burp during startup.
• Various other bugfixes and enhancements.