Learn your way! Get started

Burp Suite Community Edition, Part 3 of 4: Macros and Sessions

with expert Atul Tiwari


Watch trailer


Course at a glance

Included in these subscriptions:

  • Dev & IT Pro Video
  • Dev & IT Pro Power Pack

Release date 11/11/2021
Level Intermediate
Runtime 1h 38m
Closed captioning Included
Transcript Included
eBooks / courseware N/A
Hands-on labs N/A
Sample code N/A
Exams Included


Enterprise Solutions

Need reporting, custom learning tracks, or SCORM? Learn More



Course description

Burp Suite is a set of tools to test web applications for penetration testing. Burp suite community edition gives tools and strategy to assist in hunting and finding bugs on the target platforms. This course covers: Macros, session handling, Anti-CSRF tokens, Automation and access control.

Prerequisites

Web application development and HTML knowledge are required

Meet the expert

Atul has been involved in information security,  IT auditing, and  penetration testing web apps in the field of information security training for over 8 years.

Course outline



Module 5

Burp Macros and Session Handling (36:37)
  • Introduction (00:08)
  • Burp macros and session handling with Anti-CSRF t (05:29)
  • Token Deauthentication (05:22)
  • Define Custom Parameter (05:47)
  • Using Macros (06:26)
  • Project Options (04:11)
  • Rules Sequence (05:04)
  • More Rule Actions (03:59)
  • Summary (00:08)
Match and Replace Strategy for Automation (36:03)
  • Introduction (00:08)
  • Match and Replace strategy for automation (05:09)
  • Add Match and Replace Rule (05:24)
  • Replacement (05:13)
  • Burp sequencer anticsrf token analysis (04:18)
  • Live Capture (03:52)
  • How The Randomness Tests Work (04:36)
  • Burp Sequencer Analysis (07:12)
  • Summary (00:08)
Comparing site maps for Access control (25:25)
  • Introduction (00:08)
  • Comparing site maps for Access control (06:25)
  • Site Maps (04:47)
  • Look for Access Control Vulnerabilities (04:32)
  • Invoking Burp suite into ZAP - Best strategy (04:31)
  • Zap Spider Attack (04:52)
  • Summary (00:08)