HackBlog

Burp Suit Pro v.1.4.0.3 has been released and available for download. This is a nice too for penetration testing of web applications. It has various tools included to test a website from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities. This tool include a new CSRF generator , which produces proof-of-concept HTML for generating virtually any HTTP request.




Main Feature:

• Support for all form encoding types: standard URL encoding, multipart encoding, and plain text encoding.
• Auto-detection of the optimal encoding type, with manual override.
• Ability to edit both the request and response in-place, to fine tune attacks.
• In-browser testing, by pasting a URL into your browser that will cause Burp Proxy to serve up the CSRF PoC in its response.
• An intercepting proxy, which lets you inspect and modify traffic between your browser and the target application.
• An application-aware spider, for crawling content and functionality.
• An advanced web application scanner, for automating the detection of numerous types of vulnerability.
• An intruder tool, for performing powerful customized attacks to find and exploit unusual vulnerabilities.
• A repeater tool, for manipulating and resending individual requests.
• A sequencer tool, for testing the randomness of session tokens.
• The ability to save your work and resume working later.
• Extensibility, allowing you to easily write your own plugins, to perform complex and highly customized tasks within Burp.

Download Here:
http://portswigger.net/burp/download.html