Burp Suite - Fundamentals

BurpSuite - Repeater

Easy
25 min

What is a Repeater?

With the BurpSuite Repeater tool, we can manually resend HTTP requests, make changes to them, and observe any deviations in the HTTP responses. This makes it an excellent tool for finding and verifying vulnerabilities. Let's start by selecting an HTTP request again and transferring it to the Repeater tool. This is done in the same way as in other tools: right-click the request and choose Send to Repeater, or press Ctrl+R.

Using the Repeater tool

You can now modify the request in any way you want and press the Send button to send the request. BurpSuite will return the response in the adjacent window. We modified the request to include the /robots.txt path and received the Hakatemia service's robots.txt file as a response.

If the server returns an HTTP response that indicates a redirection, we can follow the redirection from Repeater, just as it would happen in normal browsing. We can also go back to earlier requests by using the arrows in the top bar.
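What Repeater does at the HTTP level, as an added example that is not part of the original page or of Burp Suite: edit a raw request (path or header), resend it, and diff the responses. The `Lab` server, its response bodies and all function names are assumptions constructed so the example runs offline against 127.0.0.1.

```python
import difflib, socket, threading
from http.server import BaseHTTPRequestHandler, HTTPServer
class Lab(BaseHTTPRequestHandler):
    """Constructed local target for the demo; not the Hakatemia lab."""
    def do_GET(self):
        body = (b"User-agent: *\nDisallow:\n" if self.path == "/robots.txt"
                else f"home, Burp header: {self.headers.get('Burp', 'absent')}\n".encode())
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    def log_message(self, *args): pass  # silence per-request logging

def edit_request(raw, path=None, headers=None):
    """Change the request-line path and set headers in a raw HTTP/1.1 request."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method, old_path, version = lines[0].split(" ", 2)
    lines[0] = f"{method} {path or old_path} {version}"
    for name, value in (headers or {}).items():
        # Replace any same-named header (names are case-insensitive), then append.
        lines[1:] = [l for l in lines[1:] if l.split(":", 1)[0].lower() != name.lower()]
        lines.append(f"{name}: {value}")
    return "\r\n".join(lines) + "\r\n\r\n" + body

def send_raw(host, port, raw):
    """Send the request bytes exactly as written; return the raw response text."""
    with socket.create_connection((host, port), timeout=5) as s:
        s.sendall(raw.encode())
        return b"".join(iter(lambda: s.recv(4096), b"")).decode(errors="replace")

def response_diff(a, b):
    """Lines that deviate between two responses ('-' first, '+' second)."""
    return [l for l in difflib.ndiff(a.splitlines(), b.splitlines()) if l[0] in "+-"]

def demo():
    srv = HTTPServer(("127.0.0.1", 0), Lab)  # port 0: let the OS pick a free port
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    host, port = srv.server_address
    base = f"GET / HTTP/1.1\r\nHost: {host}:{port}\r\nConnection: close\r\n\r\n"
    tagged = edit_request(base, headers={"Burp": "repeater"})
    robots = edit_request(base, path="/robots.txt")
    replies = [send_raw(host, port, r) for r in (base, tagged, robots)]
    srv.shutdown()
    return tagged, replies

if __name__ == "__main__":
    tagged, replies = demo()
    print(tagged, *response_diff(replies[0], replies[1]), sep="\n")
```

The diff between the first two replies also shows the `Content-Length` change, the kind of side-effect deviation worth noticing when comparing responses in Repeater.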

Test your learning

Objective

Perform an HTTP request with the repeater tool to the root of the website, ensuring that the following hold true:

  • In the HTTP request, there is a header Burp: repeater

Exercises

Flag

Find the flag from the lab environment and enter it below.
