O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Burp Suite Recipes

Video Description

Use Burp Suite to take your Pentesting skills to the next level

About This Video

  • Automate web penetration testing with Burp Suite
  • Identify vulnerabilities and regulate your pentesting target efficiently
  • Implement various Burp tools

In Detail

Burp Suite is a Java-based platform for security-testing web applications. This tool has been widely adopted by professional enterprise testers.

This video offers practical recipes to tackle challenges in determining and exploring vulnerabilities in web applications. You will learn to uncover security flaws with various test cases for complex environments. After you have configured Burp for your environment, you will use various Burp tools such as Spider, Scanner, Intruder, Repeater, Decoder, and others to resolve specific problems faced by pentesters. You will learn to work with various modes Burp and then perform operations on the web using the Burp CLI. Towards the end of the course, you will come across recipes that target specific test scenarios and resolved them with best practices.

By the end of the course, you will be up-and-running with deploying Burp to secure web applications and will have gone from beginner to intermediate level in web penetration testing.

Downloading the example code for this course: You can download the example code files for all Packt video courses you have purchased from your account at http://www.PacktPub.com. If you purchased this course elsewhere, you can visit http://www.PacktPub.com/support and register to have the files e-mailed directly to you.

Table of Contents

  1. Chapter 1 : Burp Suite Target and Proxy Modules
    1. The Course Overview 00:02:04
    2. Proxy Module in Burp Suite 00:04:55
    3. Setup Proxy Settings 00:05:10
    4. Intercept Web Application Traffic Using Proxy Modules 00:04:41
    5. Target Module in Burp Suite 00:05:20
    6. Web Application Analysis Using Target Module 00:06:18
  2. Chapter 2 : Spidering and Scanning Web Applications
    1. Spidering Module in Burp Suite 00:04:17
    2. Web Application Spidering Using Spidering Module 00:04:45
    3. Scanner Module in Burp Suite 00:03:46
    4. Community Burp Suite versus Professional Burp Suite 00:03:42
    5. Web Application Scanning Using Scanner Module 00:03:30
  3. Chapter 3 : Digging Deeper into Web Applications Using Intruder
    1. Intruder Module in Burp Suite 00:06:39
    2. Brute-Force Attack Overview 00:02:45
    3. Send Web Application Traffic to Intruder 00:04:13
    4. Perform a Web Application Brute-Force Attack 00:15:23
    5. Intruder Summary 00:02:17
  4. Chapter 4 : Repeater for Your Rescue
    1. Repeater Module in Burp Suite 00:05:24
    2. Request and Response in Repeater 00:03:29
    3. Save Web Application Analysis Time Using Repeater 00:06:52
    4. Repeater Summary 00:01:59
  5. Chapter 5 : Delightful Decoder
    1. Decoder Module in Burp Suite 00:03:55
    2. Loading Web Application Data into the Decoder 00:04:50
    3. Smart Encoding and Decoding Using Decoder 00:03:11
    4. Decoder Summary 00:01:35
  6. Chapter 6 : Sequencer, Comparer, and Extender
    1. About Sequencer, Comparer, and Extender Modules 00:04:31
    2. Analyze Randomness in Web Application Data Using Sequencer 00:04:49
    3. Compare Two Different Web Application Data Using Comparer 00:06:22
    4. Use Burp Extensions Using Extender 00:04:09
  7. Chapter 7 : Burp Suite Reporting
    1. Setting Severities in Burp Suite 00:02:46
    2. Generate Web Application Analysis Report 00:02:45
    3. Explanation of Web Application Analysis Report 00:02:18
    4. Conclusion 00:01:47