Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

bypass business validation

muneer ali Jan 06, 2019 02:43PM UTC

in chrome there addon that can send a lot of request as same time, is there any way to do that in burp, the purpose is to bypass business validation, for example App must not allow to register more than one user by same ID but as there is no restriction on DB level and the validation only on App level the app going to accept more that user(request) with same ID, so again how to test this scenario in burp please

Paul Johnston Jan 07, 2019 08:20AM UTC Support Center agent

What’s the Chrome addon? It sounds interesting. Intruder is the Burp tool for sending repeated requests. You could use Intruder to test for this, although you’d need to set up each test manually.

There are a number of extension for testing authoization: Autorize, Auth Matrix, Multi Session Replay. There is also the compare site maps feature within Burp.

muneer ali Jan 07, 2019 09:37AM UTC
sorry it is not addOn, it is just using Emulate network connectivity in Chrome to stop all requests and send all of them in one time

Paul Johnston Jan 07, 2019 09:58AM UTC Support Center agent

Understood. You can do similar within Burp by turning on Intercept.

muneer ali Jan 08, 2019 05:31AM UTC
Thanks i did turn on the intercept then use "request in browser " to send the request again and again then turn off the intercept

Post Your public answer

Your name
Your email address