Web Application Hacking with Burp Suite

Description

This course will introduce Burp Suite and demonstrate the common modules and tools used by web application hackers to find and exploit vulnerabilities. This course provides practical examples through the PortSwigger labs and DVWA to help solidify the concepts and give you the opportunity to exploit systems.

Burp Suite contains an array of penetration testing and vulnerability finder tools. It is mainly used to identify the vulnerabilities of web applications. In this course, you will learn essential techniques with Burp Suite to detect vulnerabilities that cause web applications to be compromised. The course starts off with demonstrating how to set up your project in Burp Suite. It also introduces the different modules included in the Burp Suite. You'll learn to identify information disclosure vulnerability and expose sites leaking sensitive information. You'll also learn about insecure decentralization vulnerability and how this can be exposed. Web applications use WebSocket to communicate with the user. Testing web sockets for vulnerabilities is also covered in this course. You'll also learn how to simulate the directory traversal attack and read files that are running. Finally, you will learn about some other attacks such as the external entity injection (XXE), cross-site scripting (XSS), and SQL injections. With this, you will have all the skills in your arsenal to test web applications. The code files and all related files are updated on GitHub at https://github.com/PacktPublishing/Web-Application-Hacking-with-Burp-Suite

Learn how Burp Suite is used in web application hacking
Learn to set up Burp using Firefox
Learn the use of different modules in Burp Suite
Simulate common attacks that a web application can be prone to
Simulate advanced attacks that a web application can be prone to

This course is useful for penetration testers and ethical hackers. This course is also ideal for bug bounty hunters and IT security personnel. IT students who want to enter the field of security and testing can also take up this course.

This course uses a hands-on approach to expose vulnerabilities in web applications using the Burp Suite. You will learn about the different modules in the suite and how they can be used to simulate attacks on web apps.

Learn how to find and exploit common vulnerabilities with Burp * Learn how Burp Suite can help automate attacks * Learn using hands-on examples

https://github.com/PacktPublishing/Web-Application-Hacking-with-Burp-Suite

Scott Cosentino is a software developer and teacher currently working in computer security. Scott has worked extensively with both low- and high-level languages, working on operating system- and enterprise-level applications. Scott has a passion for teaching and currently writes and creates videos on computer security and other programming topics. He has developed an extensive library of courses and has taught over 45,000 students through courses with Udemy, Packt, and CodeRed. He maintains a blog on Medium, and is active on YouTube and LinkedIn, where he enjoys creating content and interacting with students.

1. Understanding Burp's Modules and Functionality

2. Practical Applications: Web Application Hacking with Burp

3. Web Application Hacking

4. Appendix A- Using Burp on Device Browser