jpskill.com
🛠️ 開発・MCP コミュニティ 🔴 エンジニア向け 👤 エンジニア・AI開発者

🛠️ BurpSuiteテスト

burp-suite-testing

Burp Suiteの多機能ツールを使い、HTTP通信の傍受や改変、脆弱性スキャンなど、Webアプリの総合的なセキュリティテストを実行するSkill。

⏱ 障害ポストモーテム 1日 → 1時間

📺 まず動画で見る(YouTube)

▶ 【衝撃】最強のAIエージェント「Claude Code」の最新機能・使い方・プログラミングをAIで効率化する超実践術を解説! ↗

※ jpskill.com 編集部が参考用に選んだ動画です。動画の内容と Skill の挙動は厳密には一致しないことがあります。

📜 元の英語説明(参考)

Execute comprehensive web application security testing using Burp Suite's integrated toolset, including HTTP traffic interception and modification, request analysis and replay, automated vulnerability scanning, and manual testing workflows.

🇯🇵 日本人クリエイター向け解説

一言でいうと

Burp Suiteの多機能ツールを使い、HTTP通信の傍受や改変、脆弱性スキャンなど、Webアプリの総合的なセキュリティテストを実行するSkill。

※ jpskill.com 編集部が日本のビジネス現場向けに補足した解説です。Skill本体の挙動とは独立した参考情報です。

⬇ このSkillをダウンロード(.skill) 元のソースを見る ↗

⚠️ ダウンロード・利用は自己責任でお願いします。当サイトは内容・動作・安全性について責任を負いません。

🎯 このSkillでできること

下記の説明文を読むと、このSkillがあなたに何をしてくれるかが分かります。Claudeにこの分野の依頼をすると、自動で発動します。

📦 インストール方法 (3ステップ)

  1. 1. 上の「ダウンロード」ボタンを押して .skill ファイルを取得
  2. 2. ファイル名の拡張子を .skill から .zip に変えて展開(macは自動展開可)
  3. 3. 展開してできたフォルダを、ホームフォルダの .claude/skills/ に置く
    • · macOS / Linux: ~/.claude/skills/
    • · Windows: %USERPROFILE%\.claude\skills\

Claude Code を再起動すれば完了。「このSkillを使って…」と話しかけなくても、関連する依頼で自動的に呼び出されます。

詳しい使い方ガイドを見る →
最終更新
2026-05-17
取得日時
2026-05-17
同梱ファイル
1

💬 こう話しかけるだけ — サンプルプロンプト

  • Burp Suite Testing を使って、最小構成のサンプルコードを示して
  • Burp Suite Testing の主な使い方と注意点を教えて
  • Burp Suite Testing を既存プロジェクトに組み込む方法を教えて

これをClaude Code に貼るだけで、このSkillが自動発動します。

📖 Claude が読む原文 SKILL.md(中身を展開)

この本文は AI(Claude)が読むための原文(英語または中国語)です。日本語訳は順次追加中。

AUTHORIZED USE ONLY: Use this skill only for authorized security assessments, defensive validation, or controlled educational environments.

Burp Suite Web Application Testing

Purpose

Execute comprehensive web application security testing using Burp Suite's integrated toolset, including HTTP traffic interception and modification, request analysis and replay, automated vulnerability scanning, and manual testing workflows. This skill enables systematic discovery and exploitation of web application vulnerabilities through proxy-based testing methodology.

Inputs / Prerequisites

Required Tools

  • Burp Suite Community or Professional Edition installed
  • Burp's embedded browser or configured external browser
  • Target web application URL
  • Valid credentials for authenticated testing (if applicable)

Environment Setup

  • Burp Suite launched with temporary or named project
  • Proxy listener active on 127.0.0.1:8080 (default)
  • Browser configured to use Burp proxy (or use Burp's browser)
  • CA certificate installed for HTTPS interception

Editions Comparison

Feature Community Professional
Proxy
Repeater
Intruder Limited Full
Scanner
Extensions

Outputs / Deliverables

Primary Outputs

  • Intercepted and modified HTTP requests/responses
  • Vulnerability scan reports with remediation advice
  • HTTP history and site map documentation
  • Proof-of-concept exploits for identified vulnerabilities

Core Workflow

Phase 1: Intercepting HTTP Traffic

Launch Burp's Browser

Navigate to integrated browser for seamless proxy integration:

  1. Open Burp Suite and create/open project
  2. Go to Proxy > Intercept tab
  3. Click Open Browser to launch preconfigured browser
  4. Position windows to view both Burp and browser simultaneously

Configure Interception

Control which requests are captured:

Proxy > Intercept > Intercept is on/off toggle

When ON: Requests pause for review/modification
When OFF: Requests pass through, logged to history

Intercept and Forward Requests

Process intercepted traffic:

  1. Set intercept toggle to Intercept on
  2. Navigate to target URL in browser
  3. Observe request held in Proxy > Intercept tab
  4. Review request contents (headers, parameters, body)
  5. Click Forward to send request to server
  6. Continue forwarding subsequent requests until page loads

View HTTP History

Access complete traffic log:

  1. Go to Proxy > HTTP history tab
  2. Click any entry to view full request/response
  3. Sort by clicking column headers (# for chronological order)
  4. Use filters to focus on relevant traffic

Phase 2: Modifying Requests

Intercept and Modify

Change request parameters before forwarding:

  1. Enable interception: Intercept on
  2. Trigger target request in browser
  3. Locate parameter to modify in intercepted request
  4. Edit value directly in request editor
  5. Click Forward to send modified request

Common Modification Targets

Target Example Purpose
Price parameters price=1 Test business logic
User IDs userId=admin Test access control
Quantity values qty=-1 Test input validation
Hidden fields isAdmin=true Test privilege escalation

Example: Price Manipulation

POST /cart HTTP/1.1
Host: target.com
Content-Type: application/x-www-form-urlencoded

productId=1&quantity=1&price=100

# Modify to:
productId=1&quantity=1&price=1

Result: Item added to cart at modified price.

Phase 3: Setting Target Scope

Define Scope

Focus testing on specific target:

  1. Go to Target > Site map
  2. Right-click target host in left panel
  3. Select Add to scope
  4. When prompted, click Yes to exclude out-of-scope traffic

Filter by Scope

Remove noise from HTTP history:

  1. Click display filter above HTTP history
  2. Select Show only in-scope items
  3. History now shows only target site traffic

Scope Benefits

  • Reduces clutter from third-party requests
  • Prevents accidental testing of out-of-scope sites
  • Improves scanning efficiency
  • Creates cleaner reports

Phase 4: Using Burp Repeater

Send Request to Repeater

Prepare request for manual testing:

  1. Identify interesting request in HTTP history
  2. Right-click request and select Send to Repeater
  3. Go to Repeater tab to access request

Modify and Resend

Test different inputs efficiently:

1. View request in Repeater tab
2. Modify parameter values
3. Click Send to submit request
4. Review response in right panel
5. Use navigation arrows to review request history

Repeater Testing Workflow

Original Request:
GET /product?productId=1 HTTP/1.1

Test 1: productId=2    → Valid product response
Test 2: productId=999  → Not Found response  
Test 3: productId='    → Error/exception response
Test 4: productId=1 OR 1=1 → SQL injection test

Analyze Responses

Look for indicators of vulnerabilities:

  • Error messages revealing stack traces
  • Framework/version information disclosure
  • Different response lengths indicating logic flaws
  • Timing differences suggesting blind injection
  • Unexpected data in responses

Phase 5: Running Automated Scans

Launch New Scan

Initiate vulnerability scanning (Professional only):

  1. Go to Dashboard tab
  2. Click New scan
  3. Enter target URL in URLs to scan field
  4. Configure scan settings

Scan Configuration Options

Mode Description Duration
Lightweight High-level overview ~15 minutes
Fast Quick vulnerability check ~30 minutes
Balanced Standard comprehensive scan ~1-2 hours
Deep Thorough testing Several hours

Monitor Scan Progress

Track scanning activity:

  1. View task status in Dashboard
  2. Watch Target > Site map update in real-time
  3. Check Issues tab for discovered vulnerabilities

Review Identified Issues

Analyze scan findings:

  1. Select scan task in Dashboard
  2. Go to Issues tab
  3. Click issue to view:
    • Advisory: Description and remediation
    • Request: Triggering HTTP request
    • Response: Server response showing vulnerability

Phase 6: Intruder Attacks

Configure Intruder

Set up automated attack:

  1. Send request to Intruder (right-click > Send to Intruder)
  2. Go to Intruder tab
  3. Define payload positions using § markers
  4. Select attack type

Attack Types

Type Description Use Case
Sniper Single position, iterate payloads Fuzzing one parameter
Battering ram Same payload all positions Credential testing
Pitchfork Parallel payload iteration Username:password pairs
Cluster bomb All payload combinations Full brute force

Configure Payloads

Positions Tab:
POST /login HTTP/1.1
...
username=§admin§&password=§password§

Payloads Tab:
Set 1: admin, user, test, guest
Set 2: password, 123456, admin, letmein

Analyze Results

Review attack output:

  • Sort by response length to find anomalies
  • Filter by status code for successful attempts
  • Use grep to search for specific strings
  • Export results for documentation

Quick Reference

Keyboard Shortcuts

Action Windows/Linux macOS
Forward request Ctrl+F Cmd+F
Drop request Ctrl+D Cmd+D
Send to Repeater Ctrl+R Cmd+R
Send to Intruder Ctrl+I Cmd+I
Toggle intercept Ctrl+T Cmd+T

Common Testing Payloads

# SQL Injection
' OR '1'='1
' OR '1'='1'--
1 UNION SELECT NULL--

# XSS
<script>alert(1)</script>
"><img src=x onerror=alert(1)>
javascript:alert(1)

# Path Traversal
../../../etc/passwd
..\..\..\..\windows\win.ini

# Command Injection
; ls -la
| cat /etc/passwd
`whoami`

Request Modification Tips

  • Right-click for context menu options
  • Use decoder for encoding/decoding
  • Compare requests using Comparer tool
  • Save interesting requests to project

Constraints and Guardrails

Operational Boundaries

  • Test only authorized applications
  • Configure scope to prevent accidental out-of-scope testing
  • Rate-limit scans to avoid denial of service
  • Document all findings and actions

Technical Limitations

  • Community Edition lacks automated scanner
  • Some sites may block proxy traffic
  • HSTS/certificate pinning may require additional configuration
  • Heavy scanning may trigger WAF blocks

Best Practices

  • Always set target scope before extensive testing
  • Use Burp's browser for reliable interception
  • Save project regularly to preserve work
  • Review scan results manually for false positives

Examples

Example 1: Business Logic Testing

Scenario: E-commerce price manipulation

  1. Add item to cart normally, intercept request
  2. Identify price=9999 parameter in POST body
  3. Modify to price=1
  4. Forward request
  5. Complete checkout at manipulated price

Finding: Server trusts client-provided price values.

Example 2: Authentication Bypass

Scenario: Testing login form

  1. Submit valid credentials, capture request in Repeater
  2. Send to Repeater for testing
  3. Try: username=admin' OR '1'='1'--
  4. Observe successful login response

Finding: SQL injection in authentication.

Example 3: Information Disclosure

Scenario: Error-based information gathering

  1. Navigate to product page, observe productId parameter
  2. Send request to Repeater
  3. Change productId=1 to productId=test
  4. Observe verbose error revealing framework version

Finding: Apache Struts 2.5.12 disclosed in stack trace.

Troubleshooting

Browser Not Connecting Through Proxy

  • Verify proxy listener is active (Proxy > Options)
  • Check browser proxy settings point to 127.0.0.1:8080
  • Ensure no firewall blocking local connections
  • Use Burp's embedded browser for reliable setup

HTTPS Interception Failing

  • Install Burp CA certificate in browser/system
  • Navigate to http://burp to download certificate
  • Add certificate to trusted roots
  • Restart browser after installation

Slow Performance

  • Limit scope to reduce processing
  • Disable unnecessary extensions
  • Increase Java heap size in startup options
  • Close unused Burp tabs and features

Requests Not Being Intercepted

  • Verify "Intercept on" is enabled
  • Check intercept rules aren't filtering target
  • Ensure browser is using Burp proxy
  • Verify target isn't using unsupported protocol

When to Use

This skill is applicable to execute the workflow or actions described in the overview.