Web Application is the basic Interface for an organization to represent their working and Infrastructure. Developers use modern security skills to make the applications more secure, But the attackers are also catching up with these modern security techniques and finding security flaws in them. We will learn how we can use Burp Suite to detect such modern security flaws and use its unique features which are not normally used by today’s pentesters. Throughout the talk, we will learn how we can use Burp Proxy, Spider, Intruder, Repeater, Sequencer. We will make use of Burp SSL Pass-through, Invisible Proxy, and Socks Proxy. In the talk, we will take some real time scenarios where we can properly make use of burp suite and protect the web application from being attacked.