Augmenting Penetration Testing Methodology with Artificial Intelligence – Part 1: Burpference
ID: a92c3cae-e345-5df0-b94f-987d81322818
STIX ID: report--a92c3cae-e345-5df0-b94f-987d81322818
Feed Name: Black Hills Infosec Blog
**Using an LLM to augment web application pentesting:** The author describes installing and configuring the burpference Burp Suite extension (tested with a local Ollama model and a remote OpenAI model), walks through troubleshooting steps, and demonstrates the tool identifying potential XSS and a confirmed SQL injection in an OWASP Juice Shop test app with proof-of-concept payloads; the post also highlights performance considerations and data confidentiality risks when sending in-scope traffic to remote models.
