Hi you all, Please can someone explain to me: a) difference between these two? b) When and whay you would use one and not the other? By this I mean what BeEf do that Burp can't and vise-versa. Thanks
I'll be honest, I haven't used BeEF much, but BeEF looks to me to be more related to targeting web browsers, while Burp is used for websites. Burp has a lot of great extensions, and is amazing for scanning/testing web sites. I'm still learning a lot about it, but theres some great tools, like validating XSS vulnerabilities, the paramalyzer extension that will help you view all the different parameters in a site's code, the repeater will let you make multiple requests to a site while changing fields, like username or password, etc. Its pretty rad.
yes,burp is handy