Web app vulnerability scan using Burpsuite tool

Mastering Web App Security: A Guide to Burp Suite Scanner

Introduction:

In the dynamic landscape of web applications, security is paramount. As the digital realm expands, so do the threats to the integrity and confidentiality of sensitive information. To fortify your web applications against potential vulnerabilities, one powerful tool stands out: Burp Suite Scanner. In this guide, we'll explore the capabilities of Burp Suite Scanner and how it can be your ally in conducting thorough and effective web app security testing.

Understanding Burp Suite Scanner (Burpsuite Professional from PortSwigger):

Burp Suite is an integrated platform for performing security testing of web applications. Among its arsenal of tools, Burp Suite Scanner takes the spotlight as an automated scanner designed to identify security issues in web applications. It employs a combination of active and passive scanning techniques to comprehensively analyze web app vulnerabilities. Note that the community version does not support automatic scanning.

Getting Started:

1. **Installation and Configuration:**

   Start by downloading and installing Burp Suite on your machine. Once installed, configure your browser to proxy through Burp to capture and analyze HTTP requests and responses. You can also use the integrated Chromium browser with everything preconfigured.

https://portswigger.net/burp/pro

2. **Target Scoping:**

   Define the scope of your testing by specifying the target URL or IP address of the web application you want to assess. This helps Burp Suite Scanner focus its efforts on the designated area.

3. **Crawling and Analysis:**

   Burp Suite Scanner automates the process of crawling through the web application, mapping out its structure, and identifying potential points of interest. The scanner then actively analyzes these points for vulnerabilities.

Key Features of Burp Suite Scanner:

1. **Automated Scanning:**

   Burp Suite Scanner automates the detection of common web application vulnerabilities, including SQL injection, cross-site scripting (XSS), and more including OWASP Top 10 web. This saves time and ensures a thorough examination of your application.

2. **Customizable Scan Configurations:**

   Tailor your scans by configuring parameters such as scan depth, scope, and exclusions. This allows you to focus on specific areas of concern and avoid unnecessary scans.

3. **Real-time Reporting:**

   Receive real-time feedback on discovered vulnerabilities through detailed reports. Burp Suite Scanner provides insights into the severity of issues, helping prioritize and address them effectively.

4. **Integration with Burp Suite Tools:**

   Seamlessly integrate Burp Suite Scanner with other tools within the Burp Suite ecosystem, such as the Proxy and Intruder, for a comprehensive testing approach.

Best Practices for Effective Testing:

1. **Regular Updates:**

   Keep your Burp Suite Scanner up to date to benefit from the latest security checks and improvements.

2. **Authentication Handling:**

   Configure Burp Suite Scanner to handle authentication mechanisms, ensuring comprehensive testing of both public and restricted areas of your web application.

3. **Thorough Manual Testing:**

   While Burp Suite Scanner automates many tasks, combining it with manual testing ensures a more holistic approach to identifying vulnerabilities.

Conclusion:

In the ever-evolving landscape of cybersecurity, proactive measures are crucial to safeguarding web applications. Burp Suite Scanner emerges as a versatile and powerful tool, providing automated scanning capabilities to enhance your web app security testing efforts. By integrating Burp Suite Scanner into your toolkit and following best practices, you empower yourself to identify and address vulnerabilities, fortifying your web applications against potential threats.

Secure coding: Integrating SonarQube in Android Studio

It is often difficult to spot the security issues in your App code while you focus more on adding features and offer exceptional user experience. Here is how you can take care of security bugs and protect your apps and users from being exposed to vulnerabilities. There are lot of opensource and free security scanners which you can integrate in your favourite IDEs and get rid of some common, basic security bugs easily. In this article, I will show how we can use the community edition of a popular code scanning tool- SonarQube- for finding bugs in Android app development by integrating it in Android Studio.

The SonarQube scanner is a popular code quality and security scanning tool available in multiple editions like Community, Developer, Enterprise and Data Center. You can read about it more, here.

Prerequisites:

• Java 11 or higher (Tested it using Java 11)
• Android Studio

Make sure your Android Studio is working properly. The JAVA_HOME variable should be pointing to Java installation root directory.

Follow the below simple steps to download and configure SonarQube in your system.

1. Visit SonarQube website download page and understand the different editions of this static code analysis tool.
2. If you prefer the Community edition, download the latest version appropriate for your machine's operating system. For this article, I will be using the Windows OS version.
3. Now simply unpack the zipped file to your directory of choice. We will call it the base directory for simplicity.
4. Browse through the directories 'sonarqube-xy.x.xx.xx\bin\windows-x86-64' to locate StartSonar bat file. Based on your version, the path might differ.
5. Add the location to your system path variable.
6. Now simply run the bat file from command-prompt.
7. If everything goes well, you will see that execution is completed. Keep the CMD running.
8. Now open http://127.0.0.1:9000 in your browser to get the tool UI.
9. Login with default credentials (admin/admin)
10. The tool installation is complete. 

Now we have to integrate the tool in Android Studio. Install the SonarQube plugin for Android Studio.

File>Settings>Plugins

Search for SonarQube Analyzer and install the same.

Fire up the IDE and open the build,gradle files.

Open the project build.gradle file . Add the below line under dependencies. 

classpath "org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.6.2"

Now open the build,gradle file corresponding to the app and add the below entry at the end. Make sure you give the username/password corresponding to your installation of SonarQube.

apply plugin: 'org.sonarqube'

sonarqube
        {
            properties
                    {
                        property "sonar.projectName", "developerlibs"
                        property "sonar.projectKey", "com.devlibs.android"
                        property "sonar.language", "kotlin"
                        property "sonar.sources", "src/main/java/"
                        property "sonar.binaries", "build"
                        property "sonar.sourceEncoding", "UTF-8"
                        property "sonar.login", "admin"
                        property "sonar.password", "admin"
                    }
        }

Finally, execute Gradle Wrapper command to complete the process.

 

You are all set to go, Just refresh your SonarQube homepage opened at http://127.0.0.1:9000 and you can see scan results appearing in your dashboard. Simple, right?