I use the free community edition of Burp Suite in my work.
Burp Suite is an HTTP Proxy which allows me to Observe, Interrogate and Manipulate HTTP Messages.
I cover proxies in more detail in my Technical Web Testing 101 Online Course
The following videos are some of the earliest tool demo videos I created from 2011.
Intercept and Site Map
I recommend that if you want to go further with technical web testing you read the book “The Web Application Hacker’s Handbook” written by the people behind the Burp Suite tool.
A simple overview of Burp Suite, in particular the Intercept and Site Map functionality. I don’t cover the nuances of usage, but I cover enough to get you started. So if you haven’t started using a proxy server as an essential part of your web testing… no excuses – start here:
Tutorial on Repeater and Intruder
This tutorial on Burp Suite covers the Repeater and Intruder functionality.
- Repeater allows you to play back a message to the server and amend it before it goes out.
- Intruder allows you to play back messages, with various elements of the message varying with each playback e.g. a different set of parameters
In the tutorial video I explain how I use each function in my testing.
Other proxy tools do similar things.