This article is a part of the Guide for Burp Suite series. Within the previous article, we see how to work with the Bup Decoder Tab. Now we’ll move forward and learn about the Comparer Tab. So Let’s Get Started.
Comparer lets you compare requests and responses. This can be useful when you submitted 2 requests and changed the value of a parameter. The resulting response differs from the first one by a few bytes. You want to know where on the page something has changed. Comparer lets you do a word or byte-level comparison between different data. You can load, paste, or send data in comparer from other tools and then select the comparison you want to perform.
Load data into Comparer
You can load data into Comparer using the below steps
- Paste it directly from the clipboard.
- Load it from the file.
- Select data anywhere within Burp, and choose “Send to Comparer” from the menu.
Perform comparisons
- Words – This comparison tokenizes each item of data based on whitespace delimiters, and identifies the token-level edits required to transform the first item into the second. It is most useful when the interesting differences between the compared items exist at the word level, for example in HTML documents containing different content.
- Bytes – This comparison identifies the byte-level edits required to transform the first item into the second. It is most useful when the interesting differences between the compared items exist at the byte level, for example in HTTP requests containing subtly different values in a particular parameter or cookie value.
After clicking on the “Words” button, A dialog pop-up displays the two requests with color-coded highlights which shows the words difference between the 2 messages.
Congratulations! finally, we know about the Burp Comparer tab. In the next Part, we will discuss the Extender tab.
#burpsuite #burpsuitetutorial #burp #webapplicaitonpentesting
