BurpLoader 初次体验

第一次使用这个神器,自己试试了 记下简单的过程
用的是Chrome 然后设置代理服务器为本地

下载BurpLoader.jar 是java写的 所以jdk环境是必须的
启动java -jar BurpLoader.jar
启动之后的界面
举个简单的例子啊
我们要抓个包试试
设置代理之后
随便点开一个页面就会抓包信息,开启代理模式

打开网页:http://blog.csdn.net/elsery/article/details/51085138

不用再多解释了把,提交表单的时候也能抓到,也可以修改值,所以注意安全,后台判断最安全.
抓包代码为

GET /elsery/article/details/51085138 HTTP/1.1Host: blog.csdn.netCache-Control: max-age=0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36Accept-Encoding: gzip, deflate, sdchAccept-Language: zh-CN,zh;q=0.8Cookie: uuid_tt_dd=-1878423435616956437_20151108; bdshare_firstime=1447559580920; __gads=ID=8a016c1715dce17d:T=1447559593:S=ALNI_MaPBKttzpRjCwMhCzFhIcaE7JliuA; __qca=P0-1746198333-1447559582277; lzstat_uv=13781287953403473492|3017872; __utma=17226283.1507013861.1447559579.1457609612.1457609612.1; __utmz=17226283.1457609612.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); cache_cart_num=0; uuid=28a3c9b6-259a-4044-b442-735c39064091; _message_m=epvxv1lhgrffgzibxxevsw1o; _ga=GA1.2.1507013861.1447559579; UserName=elsery; UserInfo=ev8QLaqSUQSvxu5T6KKCXlJ4Fkhu%2BRq6x88p0nrzXeDyNwcQIjIpDdv8%2BUwqJ5vlVvfajtCL9LEQ7YHiAo4M9mBBNUjdFX2OH4S%2B57m%2Fivs2Zz%2BuIiovvnsHIy8CrWlQ; UserNick=elsery; AU=248; UN=elsery; UE="bao1993@foxmail.com"; BT=1460167217937; access-token=e7096f3b-d13e-49bc-af10-9d1fa82e650f; __message_district_code=000000; avh=50955898%2c51085138; dc_tos=o5cieg; dc_session_id=1460170024409; __message_sys_msg_id=0; __message_gu_msg_id=0; __message_cnel_msg_id=0; __message_in_school=0If-None-Match: W/"ded33cd57f8a90731e89f8dd9c71cf39"

这都可以伪装,但是对于https 我还没研究看看