Learn Burp Suite for Advanced Web Penetration Testing
This course will help you get acquainted with Burp Suite. Burp Suite is the most important tool for Web Penetration Testing!
Watch Promo
This course focuses on Burp Suite. A free version is available for download. However, it does not provide the full functionality as the Pro does. A trial version is available for the paid edition. Both versions work with Linux, Mac and Windows as well.
This is not a web application hacking course! However, you will get to know various web attacks. The attacks will target a test environment based on OWASP WebGhoat vulnerable web application. The course is fully hands-on so that you can practice yourself everything while you learn.
What are the requirements?
- Understand how HTTP comunication works
- Basic knowledge of Web Applications vulnerabilities
What am I going to get from this course?
- Learn the most important features of the Burp Suite
- Hands-on exercises
- Do efficient manual web penetration testing
- Learn to use Burp to automate certain attacks
Who is the target audience?
- IT security engineers
- IT passionate and students
- Ethical Hackers and Penetration Testers
Your Instructor
Senior Information Security Consultant
- I work in the Internet security team, focused on ethical hacking - deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary.
- Scan and exploit for a wide variety of data center infrastructure and application vulnerabilities, following defined rules of engagement and attack scenarios (ethical hacking).
- Make recommendations on security weaknesses and report on activities and findings.
- Perform Internet penetration testing (black box / white box testing) and code reviews (manual and automated)
- Use testing tools as NetBIOS scanning, network pinging and testing, packet crafting and analyzing, port scanning for vulnerability assessment
- Perform analysis and testing to verify the strengths and weaknesses of Web Applications and Web Services (SML, SOAP, WSDL, UDDI, etc.)
- Perform analysis and testing to verify the strengths and weaknesses of a variety of operating systems, network devices, web applications, and security architectures
- Assist with the development of remediation services for identified findings
- Customize, operate, audit, and maintain security related tools and applications
IT Trainer
- CEH, ECSA, CHFI from EC-Council
- Cisco CCNA, CCNA Security, Linux Essentials
- Various Custom Trainings
Certifications
- OSWE
- OSCE
- OSWP
- CREST Registered Penetration Tester (CRT)
- OSCP
- CHFI (Computer Hacking Forensic Investigator)
- ISO 270001 Lead Auditor
- ECSA (EC-Council Security Analyst)
- CEH (Certified Ethical Hacker)
- CCNA and CCNA Security
- CCNP Routing and CCNP Switching
- Advanced Linux&InfoSEC
- VMWare vSphere Install, Configure, Manage
- Microsoft Certified Technology Specialist (MCTS/MCP 70-642): Microsoft Windows Server 2008 Network Infrastructure, etc.
Course Curriculum
Section 1: Introduction and Setup
Available in
days
days
after you enroll
Section 2: Burp Modules and Usage
Available in
days
days
after you enroll
-
StartGeneral Concept (4:23)
-
StartTarget Module (10:21)
-
StartProxy Module - Part 1 (11:48)
-
StartProxy Module - Part 2 (10:06)
-
StartSpider Module (6:34)
-
StartRepeater Module (9:17)
-
StartSequencer and Scanner Modules (12:10)
-
StartDecoder Module (9:09)
-
StartIntruder and Comparer Modules (14:20)
-
StartBApp Store (13:26)
Section 3: Final words
Available in
days
days
after you enroll
Frequently Asked Questions
When does the course start and finish?
The course starts now and never ends! It is a completely self-paced online course - you decide when you start and when you finish.
How long do I have access to the course?
How does lifetime access sound? After enrolling, you have unlimited access to this course for as long as you like - across any and all devices you own.