Course 27 - Hacking Web Applications, Penetration Testing, CTF | Episode 19: Mastering Burp Suite

No se pudo agregar al carrito

Solo puedes tener X títulos en el carrito para realizar el pago.

Por favor prueba de nuevo más tarde

Por favor prueba de nuevo más tarde

Por favor prueba de nuevo más tarde

Por favor intenta de nuevo

Intenta nuevamente

Intenta nuevamente

Escúchala gratis

Ver detalles del espectáculo

In this lesson, you’ll learn about mastering Burp Suite for professional web application security testing:

Burp Suite Editions:
- Community Edition
- Professional Edition
- Enterprise Edition
- Installation steps, Java setup, browser proxy configuration, and installing the Burp SSL certificate for HTTPS interception
Core Components and Manual Testing Tools:
- Proxy & Dashboard: Intercepting, modifying, and analyzing HTTP/S traffic
- Intruder: Automating customized attack payloads
- Repeater: Manually modifying and replaying individual HTTP requests
- Decoder: Transforming encoded/hashed data formats
- Sequencer: Analyzing randomness of session tokens
- Comparer: Identifying subtle differences between responses (e.g., valid vs. invalid login attempts)
Automation and Extensibility:
- Using the BApp Store to install extensions and plugins
- Leveraging the built-in automated vulnerability scanner
- Performing content discovery to uncover hidden or unlinked endpoints
Specialized Utilities:
- CSRF proof-of-concept generator
- Click Bandit for testing clickjacking
- Burp Collaborator for detecting out-of-band vulnerabilities
Workflow Optimization Techniques:
- Color-coded highlights for organizing requests
- Renaming tabs for clarity
- Targeted testing of nested parameters
- Efficiency “tricks and hacks” to speed up assessments

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy

Todavía no hay opiniones