.

Burp Suite Pro: Worth the Price?

<<

Seen

User avatar

Full Member
Full Member

Posts: 137

Joined: Mon Aug 30, 2010 1:05 am

Post Tue Jan 17, 2012 7:21 pm

Burp Suite Pro: Worth the Price?

I'm getting more serious about web security as I'm going through the WAHH v2, and I'm wondering if Burp Suite Pro is worth the price.  I definitely think it would be worth a one time price of $299, but $299 a year seems quite steep.  Is it updated enough to justify such a huge subscription price?  Just thought I'd get the opinions of people who have the pro version.

Thanks.
Sec+, eCPPT
<<

alucian

User avatar

Full Member
Full Member

Posts: 228

Joined: Mon Dec 29, 2008 2:01 pm

Location: Montreal, Canada

Post Tue Jan 17, 2012 10:00 pm

Re: Burp Suite Pro: Worth the Price?

Depends what you want to do with it.

If you really want to do professional pentesting it worth every penny. If it is just for study... it is excellent, but I would first play with all the free software, in order to better understand what I am doing.

I have the pro version and I am very satisfied with it. The fact that you can save a session and restore it later is amazing. You can even do a delta between a saved session and the current one.

The built in scanner is not bad also. You have the option to do a passive scan (sniffing) or a real scan.
CISSP ISSAP, CISM/A, GWAPT, GCIH, GREM, GMOB, OSWP
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Tue Jan 17, 2012 11:05 pm

Re: Burp Suite Pro: Worth the Price?

Checkout this thread as well: Anyone got the Professional version of Burp Suite?

I haven't used Burp Pro myself, but I've heard from a handful of people that unlocking Burp Intruder's full potential with Burp Pro is worth the price alone heh
GSEC, eCPPT, Sec+
<<

MaXe

User avatar

Hero Member
Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Tue Jan 17, 2012 11:20 pm

Re: Burp Suite Pro: Worth the Price?

I've only heard good about it, and there's a lot of infosec companies that use it, so I believe it must be worth it, at least if your company is paying for it. The free version works very well, and most important, it's extremely stable.
Unlike other web app sec tools, I've never seen it crash, it has been around for ages, it has the most effective interface, and it has a lot of good features that any web app sec guy would need.
Even compared to Owasp Zed, it's still much better in my humble opinion. (It's even faster, and we're talking about the free versions.)
I'm an InterN0T'er
<<

tturner

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Thu Jun 26, 2008 4:50 pm

Post Wed Jan 18, 2012 9:45 am

Re: Burp Suite Pro: Worth the Price?

MaXe wrote:Even compared to Owasp Zed, it's still much better in my humble opinion. (It's even faster, and we're talking about the free versions.)


Agreed, but this gap is narrowing with every ZAP commit.
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, GSSP-JAVA, OPSE, CSWAE, CSTP, VCP

WIP: Vendor WAF stuff

http://sentinel24.com/blog @tonylturner http://bsidesorlando.org
<<

Seen

User avatar

Full Member
Full Member

Posts: 137

Joined: Mon Aug 30, 2010 1:05 am

Post Wed Jan 18, 2012 7:11 pm

Re: Burp Suite Pro: Worth the Price?

Ok, so I'll definitely buy Burp Suite Pro once I get a paying job.  (That and the GWAPT class).  Until then, I'll use the free version and try out ZAP. 
Sec+, eCPPT

Return to Web Applications

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software