fbpx
4.25 out of 5
4.25
252 reviews on Udemy

Mastering Burp Suite for Advanced Web and Mobile Pentesting

If you want to do Web Penetration Testing, then this is what you need! Burp Suite is the most important tool for that!
Instructor:
Gabriel Avramescu
2,586 students enrolled
English [Auto-generated]
Learn the most important features of the Burp Suite
Hands-on exercises
Do efficient manual web penetration testing
Learn to use Burp to automate certain attacks

This course will help you get acquainted with Burp Suite. Burp Suite is the most important tool for Web Penetration Testing! Discover vulnerabilities and develop attacks such as Brute-Forcing, Cross-Site Scripting, SQL injection, etc.

This course focuses on Burp Suite. A free version is available for download. However, it does not provide the full functionality as the Pro does. A trial version is available for the paid edition. Both versions work with Linux, Mac and Windows as well.

This is not a web application hacking course! However, you will get to know various web attacks. The attacks will target a test environment based on OWASP WebGoat vulnerable web application. The course is fully hands-on so that you can practice yourself everything while you learn.

Who this course is for:

  • IT security engineers
  • IT passionate and students
  • Ethical Hackers and Penetration Testers

Requirements

  • Understand how HTTP communication works
  • Basic knowledge of Web vulnerabilities

Introduction and Setup

1
About Myself

A few words about myself and my experience.

2
What is Burp. Course Expectations

A few words about what to expect from this course, what is Burp Suite and why is important in Web Penetration Testing.

3
Download Resources and Setup Environment

In this video you will learn how to setup the web application that we are going to work on.

4
Resources Download
5
Alternative setup - Download Burp. Free vs Paid

In this video I will list a few of the capabilities of Burp and I will show you the difference between the paid and free version.

6
Environment Setup. Import Burp Certificate

First steps with burp. Manage certificaates.

7
Section 1 Quiz

Just a short quiz in order to fix what you have learned

Burp Modules and Usage

1
General concept

In this video I will present the general concepts of a proxy and some information about Burp.

2
Target Module

In this video we will discuss the "Target Module"

3
Proxy Module - Part 1

In this video it will be presented the Proxy module, part of Burp suite.

4
Proxy Module - Part 2

Proxy Module Further Explanation

5
Spider Module

In this video is shown the use of Spider module

6
Repeater Module

In this video it will presented the Repeater Module, part of Burp Suite

7
Sequencer and Scanner Modules

In this video it will presented the Sequencer and Scanner Modules, part of Burp Suite

8
Decoder Module

In this video it will presented the Decoder Module, part of Burp Suite

9
Intruder and Comparer Modules

In this video it will presented the Intruder and Comparer modules, part of Burp Suite

10
BApp Store

In this video is presented the Burp App store, used to centralise various extensions, available to download free.

11
Section 2 Quiz

Just a short quiz in order to fix what you have learned

Final words

1
Burp Proxy Help - Further Documentation

You can find some links here if you want to further learn about Burp.

2
Burp Alternatives

In this video I will show you a few other applications that can be used as Burp alternatives.

3
Final words

Thank you for chosing this course. Some final words.

(Bonus) Web Penetration testing

1
Core Problems - Why Web Security
2
Information Gathering using Search Engines and Social Networks - part 1
3
Information Gathering using Search Engines and Social Networks - part 2
4
Brute-frocing Web Resources using Dirb and Dirbuster
5
Session Hijacking trough Man In The Middle Attack
6
Intercept and access traffic over HTTPS. Get Facebook or Gmail Passwords
7
Further information
8
Bonus - OWASP Top 10 Vulnerabilities

(Bonus) Network Penetration testing

1
Demo - Use Nessus to Discover Vulnerabilities
2
Metasploit Introduction
3
Sniffing
4
Demo - Exploiting FTP Server Vulnerability using Metasploit
5
Demo - Windows backdoor using Metasploit
6
Demo - Exploiting NFS Vulnerability and exporting SSH Keys to the Victim PC
You can view and review the lecture materials indefinitely, like an on-demand channel.
Definitely! If you have an internet connection, courses on Udemy are available on any device at any time. If you don`t have an internet connection, some instructors also let their students download course lectures. That`s up to the instructor though, so make sure you get on their good side!
4.3
4.3 out of 5
252 Ratings

Detailed Rating

Stars 5
138
Stars 4
52
Stars 3
33
Stars 2
22
Stars 1
7