Watch trailer
Course at a glance
Included in these subscriptions:
- Dev & IT Pro Video
- Dev & IT Pro Power Pack
| Release date | 11/11/2021 | |
| Level | Intermediate | |
| Runtime | 1h 38m | |
| Closed captioning | N/A | |
| Transcript | N/A | |
| eBooks / courseware | N/A | |
| Hands-on labs | N/A | |
| Sample code | N/A | |
| Exams | Included |
Course description
Burp Suite is a set of tools to test web applications for penetration testing. Burp suite community edition gives tools and strategy to assist in hunting and finding bugs on the target platforms. This course covers: Macros, session handling, Anti-CSRF tokens, Automation and access control.
Prerequisites
Web application development and HTML knowledge are required
Meet the expert
Atul has been involved in information security, IT auditing, and penetration testing web apps in the field of information security training for over 8 years.
Course outline
Module 5
Burp Macros and Session Handling (36:37)
- Introduction (00:08)
- Burp macros and session handling with Anti-CSRF t (05:29)
- Token Deauthentication (05:22)
- Define Custom Parameter (05:47)
- Using Macros (06:26)
- Project Options (04:11)
- Rules Sequence (05:04)
- More Rule Actions (03:59)
- Summary (00:08)
Match and Replace Strategy for Automation (36:03)
- Introduction (00:08)
- Match and Replace strategy for automation (05:09)
- Add Match and Replace Rule (05:24)
- Replacement (05:13)
- Burp sequencer anticsrf token analysis (04:18)
- Live Capture (03:52)
- How The Randomness Tests Work (04:36)
- Burp Sequencer Analysis (07:12)
- Summary (00:08)
Comparing site maps for Access control (25:25)
- Introduction (00:08)
- Comparing site maps for Access control (06:25)
- Site Maps (04:47)
- Look for Access Control Vulnerabilities (04:32)
- Invoking Burp suite into ZAP - Best strategy (04:31)
- Zap Spider Attack (04:52)
- Summary (00:08)