Oreilly - Burp Suite Recipes
by Sunil Gupta | Publisher: Packt Publishing | Release Date: January 2019 | ISBN: 9781789536171
Use Burp Suite to take your Pentesting skills to the next levelAbout This VideoAutomate web penetration testing with Burp SuiteIdentify vulnerabilities and regulate your pentesting target efficientlyImplement various Burp toolsIn DetailBurp Suite is a Java-based platform for security-testing web applications. This tool has been widely adopted by professional enterprise testers.This video offers practical recipes to tackle challenges in determining and exploring vulnerabilities in web applications. You will learn to uncover security flaws with various test cases for complex environments. After you have configured Burp for your environment, you will use various Burp tools such as Spider, Scanner, Intruder, Repeater, Decoder, and others to resolve specific problems faced by pentesters. You will learn to work with various modes Burp and then perform operations on the web using the Burp CLI. Towards the end of the course, you will come across recipes that target specific test scenarios and resolved them with best practices.By the end of the course, you will be up-and-running with deploying Burp to secure web applications and will have gone from beginner to intermediate level in web penetration testing.
- Chapter 1 : Burp Suite Target and Proxy Modules
- The Course Overview 00:02:04
- Proxy Module in Burp Suite 00:04:55
- Setup Proxy Settings 00:05:10
- Intercept Web Application Traffic Using Proxy Modules 00:04:41
- Target Module in Burp Suite 00:05:20
- Web Application Analysis Using Target Module 00:06:18
- Chapter 2 : Spidering and Scanning Web Applications
- Spidering Module in Burp Suite 00:04:17
- Web Application Spidering Using Spidering Module 00:04:45
- Scanner Module in Burp Suite 00:03:46
- Community Burp Suite versus Professional Burp Suite 00:03:42
- Web Application Scanning Using Scanner Module 00:03:30
- Chapter 3 : Digging Deeper into Web Applications Using Intruder
- Intruder Module in Burp Suite 00:06:39
- Brute-Force Attack Overview 00:02:45
- Send Web Application Traffic to Intruder 00:04:13
- Perform a Web Application Brute-Force Attack 00:15:23
- Intruder Summary 00:02:17
- Chapter 4 : Repeater for Your Rescue
- Repeater Module in Burp Suite 00:05:24
- Request and Response in Repeater 00:03:29
- Save Web Application Analysis Time Using Repeater 00:06:52
- Repeater Summary 00:01:59
- Chapter 5 : Delightful Decoder
- Decoder Module in Burp Suite 00:03:55
- Loading Web Application Data into the Decoder 00:04:50
- Smart Encoding and Decoding Using Decoder 00:03:11
- Decoder Summary 00:01:35
- Chapter 6 : Sequencer, Comparer, and Extender
- About Sequencer, Comparer, and Extender Modules 00:04:31
- Analyze Randomness in Web Application Data Using Sequencer 00:04:49
- Compare Two Different Web Application Data Using Comparer 00:06:22
- Use Burp Extensions Using Extender 00:04:09
- Chapter 7 : Burp Suite Reporting
- Setting Severities in Burp Suite 00:02:46
- Generate Web Application Analysis Report 00:02:45
- Explanation of Web Application Analysis Report 00:02:18
- Conclusion 00:01:47
TO MAC USERS: If RAR password doesn't work, use this archive program:
RAR Expander 0.8.5 Beta 4 and extract password protected files without error.
TO WIN USERS: If RAR password doesn't work, use this archive program:
Latest Winrar and extract password protected files without error.