<aside> 💡 Ask for more details, a quote and customize your course: [email protected]

Booking/registration: [email protected] Drop us a message with the details for billing info and a payment link.

</aside>

Legend

This workshop provides testers and developers with an overview of how the Burp Suite can be used for web testing. Even though Burp is primarily designed for penetration testers, its sophisticated feature set also makes it a great tool for anyone doing general bug hunting in web applications.

Participants will gain a general understanding of how web applications work under the hood, how to use Burp for troubleshooting and how to utilize its toolset to re-create error conditions through manual HTTP traffic manipulation. In the final steps, we'll take an in-depth look into how to leverage the Burp API through Python in convoluted scenarios.

Description

Topics outline

• Web app networking in general
• Browsers and applications from the hacker's lens
• Web proxies
• Burp at glance
• Burp and networking
• Burp functionality
• Mastering Burp

Objective

The objective of the course is to provide the participants an overview of intercepting proxies and how they can be used for non-pentest related scenarios. By the end of the course the participants:

• will have a through understanding of Burp, its philosophy
• they will be able to integrate it in their daily bughunter/issue replicator workflow
• ideally, they will leave with an appetite to try their claws in bug bounties

Schedule

• Suggested schedule: 2 weeks (e.g. each Friday is a training day)