In this course, Web Application Penetration Testing with Burp Suite, you will learn hands-on techniques for attacking web applications and web services using the Burp Suite penetration testing tool.
This tutorial is designed to expand your knowledge of the Burp Suite beyond just capturing requests and responses.
First, you'll learn about scoping your target application properly. Next, you'll spend some time scanning to trigger potential security vulnerabilities in your target, then digging deep into the results to validate your findings. Finally, you'll wrap up by leaning how to properly report your results to your audience.
By the end this course, you'll know how to perform all of these techniques at a comfortable and efficient level to better perform your job as a pen tester.
What is Burp Suite?
Burp Suite is a platform for performing web application penetration testing and vulnerability scanning, often used for checking web application security.
What is web application penetration testing?
Web application penetration testing is the process of performing a simulated cyber attack in order to gather information about your system, find vulnerabilities in it, and discover how those faults could ultimately compromise your application.
What will I learn in this course?
You will learn how to use Burp beyond just the capture of requests and responses. Some topics covered include:
Setting up your Burp Suite environment
Configuring a Burp proxy
Spidering your web application
Crawling target websites using Burp 2
Scanning your web application
Digging deeper into your results
Documenting your findings
Who should take this course?
Anyone who wants to learn how to perform web application penetration testing with the Burp Suite should take this tutorial. If you want to expand your knowledge of the Burp Suite beyond capturing requests and responses, then you are in the right place.
Are there prerequisites to this course?
Before taking this Burp Suite tutorial, you should be familiar with web technologies and client server architecture concepts.
Sunny Wear, D.Sc., is an Application Security Architect and Web Application Penetration Tester. Her breadth of experience includes network, data, application and security architecture as well as programming across multiple languages and platforms. She holds a Doctor of Science in Cybersecurity and is the author of several security-related books including her most recent, Burp Suite Cookbook.
Course Overview Hello everyone. My name is Sunny Wear, and welcome to my course, Web Application Penetration Testing with Burp Suite. I am a security architect, as well as a web application penetration tester for a very large financial services company. Did you know that many pen testers today are only using a very small portion of the tools available in the Burp Suite product? This course is designed to expand your knowledge of Burp Suite beyond just capturing requests and responses. We will be attacking web applications through a hands-on approach using Burp's suite of modules as our pen testing tools of choice. Now some of the major topics we're going to cover include scoping our target application properly, spidering the scope, scanning to trigger potential security vulnerabilities in our target digging deep into the results to validate our findings, and then reporting those results to our audience. Now by the end of this course, you'll know how to perform all of these techniques at a comfortable and efficient level to better perform your job as a pen tester. Now before beginning this course, you should be familiar with web technologies and client server architecture concepts. I hope you'll join me on this journey to learn how to be a great web app pen tester with the web application penetration testing with Burp Suite course at Pluralsight.