Question

You’ll save yourself a lot of time and headache if you hunt for bugs within a well-oiled lab. In this chapter, I’ll guide you, step-by-step, through setting up your hacking environment. You’ll configure your browser to work with Burp Suite, a web proxy that lets you view and alter HTTP requests and responses sent between your browser and web servers. You’ll learn to use Burp’s features to intercept web traffic, send automated and repeated requests, decode encoded content, and compare requests. I will also talk about how to take good bug bounty notes.

如果你在一个井然有序的实验室里寻找漏洞，你将会节省很多时间和烦恼。在这一章节中，我将一步一步地为你设置黑客环境。你将会配置你的浏览器与 Burp Suite 一同工作，Burp Suite 是一个网络代理，让你可以查看和更改你的浏览器和网页服务器之间发送的 HTTP 请求和响应。你将会学习使用 Burp 的功能来截获网络流量，发送自动化和重复请求，解码编码内容和比较请求。我也会讲解如何记录好的漏洞赏金笔记。

This chapter focuses on setting up an environment for web hacking only. If your goal is to attack mobile apps, you’ll need additional setup and tools. We’ll cover these in Chapter 23 , which discusses mobile hacking.

本章重点介绍建立网络黑客环境的步骤。如果你的目标是攻击移动应用程序，你需要额外的设置和工具。我们将在第 23 章介绍移动黑客，讨论这些内容。