Burp Intruder

1. Sniper

只需要1个payload

POST /login HTTP /1.1

username=$nino$&password=$password$  

Payload simplelist: a, b

request1: username=a&password=password
request2: username=b&password=password
request3: username=nino&password=a
request4: username=nino&password=b

2. Battering ram

只需要一个payload

POST /login HTTP /1.1  
username=$nino$&password=$password$  

Payload Simple list: a, b

Request 1: username=a&password=a
Request 2: username=b&password=b

3. Pitchfork

N个field需要N个payload

POST /login HTTP/1.1  
username=$nino$&password=$password$  

Payload1 Simple List: a, b
Payload2 Simple List: x, y

Request 1: username=a&password=x
Request 2: username=b&password=y

Cluster Bomb

POST /login HTTP/1.1  
username=$nino$&password=$password$  

Payload1 Simple List: a, b
Payload2 Simple List: x, y

Request 1: username=a&password=x
Request 2: username=a&password=y
Request 3: username=b&password=x
Request 4: username=b&password=y