Understanding Burp Suite Intruder Attack Types


Burp Suite is one of the most popular intercepting proxies, and it features an Intruder tool that lets us iterate over request parameters with payloads drawn from wordlists. Intruder is powerful and extensive and can be used in many combinations to produce impressive results. In this article we look at the different attack types Intruder offers.

Burp Suite's Intruder tool comes with four attack types:

  • Sniper
  • Battering Ram
  • Pitchfork
  • Cluster Bomb

We’re going to take a closer look at them, for which we’re going to use the following request and wordlists.

The request

You load your own wordlists by clicking Load.

The request and wordlists we use here are not the best example of a real-world scenario in which you would reach for Intruder, but our goal is to understand the attack types, and they serve that purpose well enough.

Sniper

Wordlists: Single

The sniper attack iterates over each parameter one at a time. If you have multiple parameters, it enumerates the first parameter with every payload from the supplied wordlist, then moves on to the second, and so on.

Format:

Battering Ram

Wordlists: Single

The battering ram attack iterates over multiple parameters, placing the same payload into all of them at once for each payload in the wordlist.

Format:

Pitchfork

Wordlists: Multiple

The pitchfork attack type iterates over multiple parameters simultaneously, taking each parameter's payload from its own wordlist in every request.

Format:

Cluster Bomb

Wordlists: Multiple

The cluster bomb attack type enumerates over multiple parameters by using all the possible combinations of payloads from the multiple wordlists.

So if you have multiple parameters, it enumerates one of the parameters with all the payloads from its wordlist while the other parameters hold the first payload from their respective wordlists, and continues this way through every combination.

Format:
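To make the four payload-placement rules concrete, here is an added Python example (not code from the article or from Burp Suite) that models them over a §-marked template like the one Intruder uses. The template, the wordlists and the request strings are constructed for illustration; it is also an assumption that sniper leaves untouched positions at their original value and that cluster bomb varies the first position fastest. The request-count helper is useful from the defending side for estimating the volume a given mode generates against an endpoint, which is what rate limits and alert thresholds need to be tuned against.

```python
import re
from itertools import product

# Burp marks a payload position by wrapping the original value in § characters;
# this constructed template mimics that convention (it is not a real request).
TEMPLATE = "username=§admin§&password=§changeme§"

MARKER_RE = re.compile(r"§([^§]*)§")


def parse_template(template):
    """Split a §-marked template into literal chunks and the original values.

    re.split with one capture group alternates literal text and captured value,
    so the even slots are literals and the odd slots are the base values.
    """
    parts = MARKER_RE.split(template)
    return parts[0::2], parts[1::2]


def render(literals, values):
    """Rebuild a request string with the given values in the payload positions."""
    out = [literals[0]]
    for value, literal in zip(values, literals[1:]):
        out.append(value)
        out.append(literal)
    return "".join(out)


def sniper(template, wordlist):
    """One position at a time; the other positions keep their original value (assumption)."""
    literals, base = parse_template(template)
    requests = []
    for i in range(len(base)):
        for payload in wordlist:
            values = list(base)
            values[i] = payload
            requests.append(render(literals, values))
    return requests


def battering_ram(template, wordlist):
    """The same payload goes into every position at once, one request per payload."""
    literals, base = parse_template(template)
    return [render(literals, [payload] * len(base)) for payload in wordlist]


def pitchfork(template, wordlists):
    """Each position draws from its own wordlist in lockstep.

    zip stops at the shortest wordlist, so trailing payloads in longer lists are unused.
    """
    literals, _ = parse_template(template)
    return [render(literals, combo) for combo in zip(*wordlists)]


def cluster_bomb(template, wordlists):
    """Every combination of payloads across all positions.

    The wordlists are reversed before product() and each combination is reversed
    back so that the first position varies fastest (assumed ordering).
    """
    literals, _ = parse_template(template)
    return [render(literals, tuple(reversed(combo)))
            for combo in product(*reversed(wordlists))]


def expected_request_count(attack, positions, wordlist_sizes):
    """Number of requests a mode produces, given the position count and list sizes."""
    if attack == "sniper":
        return positions * wordlist_sizes[0]
    if attack == "battering ram":
        return wordlist_sizes[0]
    if attack == "pitchfork":
        return min(wordlist_sizes)
    if attack == "cluster bomb":
        total = 1
        for size in wordlist_sizes:
            total *= size
        return total
    raise ValueError(f"unknown attack type: {attack}")


if __name__ == "__main__":
    single = ["x", "y"]                       # constructed single wordlist
    multi = [["alice", "bob"], ["pw1", "pw2", "pw3"]]  # constructed per-position lists
    for name, reqs in [("sniper", sniper(TEMPLATE, single)),
                       ("battering ram", battering_ram(TEMPLATE, single)),
                       ("pitchfork", pitchfork(TEMPLATE, multi)),
                       ("cluster bomb", cluster_bomb(TEMPLATE, multi))]:
        print(f"--- {name} ({len(reqs)} requests) ---")
        for r in reqs:
            print(r)
```

Running the script prints the request line each mode would send for the two-position template, so the difference between the modes is visible in the output rather than only in the description; the pitchfork list stopping at two requests while cluster bomb produces six is the detail that most often surprises people new to Intruder.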