Learn how to use the Burp Suite in a web application penetration test
Through examples show you the main functionality of the Burp Suite
Start you in your way to become an efficient penetration tester
- The course is not a web application hacking course. Quite a few web vulnerabilities will be shown in the examples, however, the focus will be on the Burp Suite. Still if you want to learn web hacking, it will be still good to kickstart it, just don’t expect the course to cover everything.
- To do the course you will need the free edition of Burp Suite and the Owasp WebGoat, both are available for free. I will use the Kali linux as my operating system, but that is optional.
This course will help you to master the Burp Suite. If you are doing or wanting to do penetration testing, then it is 100% that you will work with web application. At the moment the Burp Suite is the most important tool for that. What you learn in this course can be immediately used in web application assessments.
Quickly Master the Most Important Web Hacking/Penetration Testing Tool, the Burp Suite.
- Learn the most important features of the Burp Suite
- Hands-on exercises
- Automate what you can
- Do efficient manual testing
Content and Overview
This course focuses on the Burp Suite. It is not a web application hacking course, although you will get to know various web attacks, which you can immediately try out yourself. First you will setup your own test environment with the Owasp WebGoat vulnerable web application and the Burp Suite. Then I will show you how to use the various modules in the tool. These modules can be used in different parts of the penetration test. They help you to easily reuse request or to automate some of your work. We will try out these tool together by attacking the WebGoat. The course if fully hands-on, so that you can do everything yourself as well. After finishing this course you will be able to employ the Burp Suite in your work immediately, whether you do penetration testing or any other web related work.
Who this course is for:
- This course is meant for people who have an intermediate understanding of how the web works. The best is if you already work in IT or you study it, however, if you know how an HTTP request and response looks like, then you should be fine.
- Even if you are not into web hacking, but you work with web applications regularly, it still makes sense to take this course because the Burp Suite is a HTTP proxy so it can come useful anytime.
3 sections • 10 lectures • 1h 56m total lengthExpand all sections
Setup3 lectures • 15min
- Download resources01:02
- Environment Setup11:15
The Tool6 lectures • 1hr 40min
- General Concept05:42
- Proxy Module25:18
- Repeater Module14:24
- Target and Spider Modules13:16
- Sequencer and Scanner Modules14:15
- Intruder and Comparer Modules27:02
Congrats!1 lecture • 1min