Q1. Create a burp suite project with 2 proxy listeners that are both listening on a different port. Make sure that you INCLUDE gifs, you want to capture gifs as well. You also want to enable disabled fields. Post screenshots of what you changed from the default config.
Q2. Can you explain what all the options in the screenshot do?
Q3. Set burp's scope to capture *.thexssrat.com with shop.thexssrat.com out of scope.
Q4. Explain the following settings for the burp suite's intruder as seen in the list below:
- Attack type: Pitchfork
- Vars: Get and POST parameters
- URL encoding payload 2 into base64