Description
In this course, you will learn:
- Burp Internals functionalities
- Burp Macros
- Session handling rules
- Turbo Intruder
- Burp methods
- Web security testing methods
- Burp Intruder
- Burp Manual analysis
Syllabus:
Module 1
- Lab environments and Burp installations
- Burp CA certificate for SSL/TLS
- Burp Suite versions and academy
- Burp Suite walkthrough - Basics
- Intercepting proxy and site map configs
- Intercepting mobile device traffic
- Invisible proxying for non-proxy-aware clients
- Using hotkeys for Burp Suite
- Authentication bypass and information disclosure - LAB
Module 2
- Burp Dashboard and live task
- Burp User options and Project options - Customizations
- Repeater module testing
- Burp Intruder configurations
- Burp Intruder attack types - Attacks
- Payload processing and brute forcer
- Grep match and Grep extract with cluster bomb
- Some of the best payload types used and hidden form fields
- User name generator
Module 3
- Burp macros and session handling rules with anti-CSRF tokens
- Match and Replace strategy for automation
- Burp Sequencer anti-CSRF analysis
- Comparing site maps for access control attacks
- Invoking Burp Suite into ZAP - Best strategy
Module 4
- Best Burp extensions used by bug hunters
- Manual testing methods
- Turbo Intruder - Known for speed
- Testing methodologies in a nutshell - XSS Attacks