• Post category:StudyBullet-5
  • Reading time:5 mins read




What you will learn

 

Web application Pentesting in Manual Method Using Burp-suite

 

Burp-suite all features

Description

Burp suite is the best tool for web application pentester, Ethical Hacker, Bug Bounty Hunter. In this course you can learn Burp suite from Basic to advance level. Burp Suite Professional is an advanced set of tools for finding and exploiting vulnerabilities in web applications – all within a single product. From a basic intercepting proxy to a cutting edge vulnerability scanner. Burp Suite can be used to test and report on a large number of vulnerabilities including SQLi, XSS and the whole OWASP top 10. PortSwigger pioneered out-of-band security testing (OAST) and Burp scanner was the first product to make OAST available out-of-the-box with zero configuration and to apply it to a wide range of vulnerability types. The Burp Suite Enterprise Edition enables businesses to secure their entire web portfolio with simple, scalable, scanning using the same cutting-edge Burp scanner technology. The Enterprise Edition performs recurring, scheduled scans across thousands of applications, with intuitive reporting dashboards, role-based access control and scan reports. It can provide out-of-the- box integration with ready made CI plugins, native Jira support and rich API’s to enable security incorporation into existing software development processes. PortSwigger Web Security is a global leader in the creation of software tools for the security testing of web applications. The software (Burp Suite) is well established as the de facto standard toolkit used by web security professionals. Burp Suite is used by more than 47,000 individuals at 12,500 organizations, in over 140 countries. Used across the majority of industry sectors, in organizations both large and small.

 


Get Instant Notification of New Courses on our Telegram channel.


English
language

Content

Burp suite Installation

Setup Burp suite
Install https certificate in Burp Suite
Live demo and intercept the request using Burp Suite

Parameter Manipulation using Burp Suite

Parameter Manipulation in E-commerce Website

Intruder option in Burp suite

Brute force attack in login page using Intruder
Add sql-injection payload in Intruder to Bypass Login page AUTH
Play with XSS Payload using Intruder

Repeater option

Manual Testing with Repeater

Sequencer option

Session ID manipulation with Sequencer

Decoder option

Decode encrypt value using Decoder option

Extender option

Setup different plugin using Extender

BApp Store Option

Install Different extension from BApp Store

OTP Bypass Using manipulated response

OTP Bypass Using manipulated response

Turbo Intruder option

Increases your brute force speed using Turbo Intruder