In this chapter, we saw some smaller tools that are part of the Pro version of Burp Suite. Even though we could do without these tools, they make working with clients, reporting, and so on, easy. We looked at suite-wide search functionality, how we can find comments and scripts in web pages, how we can analyze a target that can aid in estimating our testing effort, and additional discovery of content that is not linked anywhere by the brute-forcing file and directory names. We also looked at how we can schedule tasks and repeat them and how we can generate PoCs for CSRF.

Most of these tasks can be done manually, and a lot of us end up doing that; with the automation provided by Burp Suite, we can ensure quality and consistency of these ...