Is Burp Suite Spider and Intruder Safe?

Hi Guys,

I am fairly new to Bug Crowd and general bug hunting. I have spent a lot of time in labs practicing different techniques and looking for vulnerabilities manually to understand it better however I want to start using some tooling. I am mostly familiar with Burp and Zap.

My question though is whether the Spider and Intruder features are generally considered safe against real world targets? I would assume not due to potential request rates on the backend however I thought I’d ask the Experts/Community for your opinion.

If not, what alternatives are there to automated aspects of the process?

Thanks!

Burp and ZAP are typically safe. Make sure that on the spider function that you don’t have it to populate and autosubmit form information. I had a problem once because I had Burp configured to automatically submit form information and it entered the name, address, phone and email address in the prepopulated form data in Burp.

Ah ok, I will watch out for that. Nice one! Thanks for the reply.

1 Like

Hey Chris
I’m new too to the field of bughunting , maybe we can help each other
contact me on discord
Ayoub#1938 or email : rezultas.diali@gmail.com
cheers

1 Like

Hello everyone, I’m also new to bughunting can communicate on this topic my discord NBG0x1#8575

Hi all,
I am new to bug huting. please help me ? where i can find the bug path ? is this on the machine or the application like burp will show the path. How and data to be submitted in the report.

I know that I have used python for web scraping and Spiding. i know that is not a word. I have no trouble in the last 10 years scraping.