Likelihood to Recommend Burp Suite is a good general tool to test websites as long as your website is not too large or you have the time for it to complete. We have some websites that only about five to ten minutes for Burp Suite to complete an attack and a spider only takes about two minutes. Other websites have taken a few hours to complete. I have seen a tester actually run Burp Suite against one of our websites and it took all day to complete.
Read full review I don't know of any other tool that works as well as Wireshark for packet capture an inspection. It's extremely easy to get up and running, and even with little to no knowledge of how to use the tool, you can be looking at all the traffic coming off a network interface.
Read full review Pros The passive scan feature is really awesome, it kind of covers areas that you might miss. The CSRF POC is really helpful to my team. It helps development team see the issue and understand it. Burp intruder and repeater are the features I myself and my team uses the most as it helps us use our payloads in a variety of different ways. Active scan helps the team to ensure coverage for the whole application. Read full review Light-weight software - Does not require high end specifications; also runs smoothly on Legacy systems Filter function - Lets you filter you packets from thousands to tens so as to find your target much easily Simultaneous capturing on all the network adapters - You can capture packets from all the Network Interface Cards (NIC's) at once. Read full review Cons The interface is a big problem: No matter how many features a software provides you, if the features are not well presented, you will miss most of them when they are actually required. The presentation of the software should be improvised and made more presentable. Tutorial videos for beginners: This software lacks a lot in tutorials. A beginner almost wastes most of the time in finding and understanding the features and the implementation of the same. The software vendor should work on providing more in-depth videos so that people can learn and understand the concepts. Read full review A more user-friendly interface would be nice, but then again it is not really designed for those who are not quite comfortable with this type of software. Changes to functionality on updates - this can sometimes happen unexpectedly and can be an annoyance. More powerful data processing would be welcomed Read full review Usability Easy to use once you learn it; however, the user interface is not very intuitive at first view. Port Swigger does provide a lot of video resources for self-paced learning which helps. Most of the end users for PortSwigger Burp Suite will be technical and should be able to learn the product with the free resources.
Read full review It's very simple and easy to use, although individuals not used to managing and administering networks would take some time to get familiar with it. Once they have mastered use of the application, it's easy to stay knowledgeable about it, iteration after iteration. It is well supported online through an open-source community network of professionals who are helpful in imparting knowledge and in providing assistance.
Read full review Support Rating BurpSuite does not have an amazing customer support. All the major help that you will find is from public forums and Google. Although you will find all the required information on Google, still at time professional support helps you solve the problem in much less time and make your operations go smoothly.
Read full review I don't believe Wireshark has "true" support as the software is open source. However, there is an active & friendly community around Wireshark that are more than happy to help answer questions. From a comprehensive Wiki and FAQ section on the site to the Ask a Question forum and bug tracker section, there's plenty of support options to make sure your questions and issues are addressed.
Read full review Implementation Rating Simple and easy setup.
Read full review Alternatives Considered Each tool is specific and are good for what they do. While Burp Suite can perform some level of the same functions, somehow security consultants prefer these tools as additional to the Burp Suite. Maybe due to open source and easy setup when compared to Burp Suite. But Burp Suite allows for one tool for many templates for each project.
Read full review Wireshark is a free tool that came highly recommended by one of our former network security consultants. Using the tool he was able to resolve all of our higher tier network tickets, so we observed first hand why we needed to add Wireshark into our toolset. We received in-depth instruction and training scenarios that demonstrated the effectiveness and power of the product, so we didn't spend any time reviewing competing products.
Read full review Return on Investment Scanned 100% of the orgs public facing web sites with a small team of analysts. Provided a reputable second opinion source to back up the other product in use i.e. Webinspect. Pro version $350 is amazing ROI, considering the thwarted attacks and that it's competition is priced in the tens of thousands last I checked. No successful hacks. Q.E.D. :-) Read full review Identifying bugs in the network has never been smooth and near-perfect. Wireshark has made sure our equipment and software is working properly via analyzing network data. Analysis of IP packets and Sip call flaws has saved us a lot of time and confident result. Read full review ScreenShots