Learn Burp Suite for Advanced Web Penetration Testing
4.0 (31 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
383 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Learn Burp Suite for Advanced Web Penetration Testing to your Wishlist.

Add to Wishlist

Learn Burp Suite for Advanced Web Penetration Testing

If you want to do Web Penetration Testing, then this is what you need! Burp Suite is the most important tool for that!
Bestselling
4.0 (31 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
383 students enrolled
Created by Gabriel Avramescu
Last updated 2/2017
English
Current price: $10 Original price: $170 Discount: 94% off
5 hours left at this price!
30-Day Money-Back Guarantee
Includes:
  • 2 hours on-demand video
  • 7 Supplemental Resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • Learn the most important features of the Burp Suite
  • Hands-on exercises
  • Do efficient manual web penetration testing
  • Learn to use Burp to automate certain attacks
View Curriculum
Requirements
  • Understand how HTTP comunication works
  • Basic knowledge of Web vulnearabilities
Description

JUST LUNCHED!!

This course will help you get acquainted with Burp Suite. Burp Suite is the most important tool for Web Penetration Testing! Discover vulnerabilities and develop attacks such as Brute-Forcing, Cross-Site Scripting, SQLinjection, etc.

This course focuses on Burp Suite. A free version is available for download. However, it does not provide the full functionality as the Pro does. A trial version is available for the paid edition. Both versions work with Linux, Mac and Windows as well.

This is not a web application hacking course! However, you will get to know various web attacks. The attacks will target a test environment based on OWASP WebGhoat vulnerable web application. The course is fully hands-on so that you can practice yourself everything while you learn. 

Who is the target audience?
  • IT security engineers
  • IT passionate and students
  • Ethical Hackers and Penetration Testers
Students Who Viewed This Course Also Viewed
Curriculum For This Course
18 Lectures
02:04:24
+
Introduction and Setup
5 Lectures 19:02

A few words about myself and my experience.

Preview 00:49

A few words about what to expect from this course, what is Burp Suite and why is important in Web Penetration Testing.

Preview 01:54

In this video you will learn how to setup the web application that we are going to work on.

Download Resources and Setup Environment
04:35

In this video I will list a few of the capabilities of Burp and I will show you the difference between the paid and free version.

Preview 01:25

First steps with burp. Manage certificaates.

Environment Setup. Import Burp Certificate
10:19

Just a short quiz in order to fix what you have learned

Section 1 Quiz
2 questions
+
Burp Modules and Usage
10 Lectures 01:41:34

In this video I will present the general concepts of a proxy and some information about Burp.

Preview 04:24

In this video we will discuss the "Target Module"

Target Module
10:21

In this video it will be presented the Proxy module, part of Burp suite.

Proxy Module - Part 1
11:48

Proxy Module Further Explanation

Proxy Module - Part 2
10:06

In this video is shown the use of Spider module

Spider Module
06:34

In this video it will presented the Repeater Module, part of Burp Suite

Repeater Module
09:17

In this video it will presented the Sequencer and Scanner Modules, part of Burp Suite

Sequencer and Scanner Modules
12:10

In this video it will presented the Decoder Module, part of Burp Suite

Decoder Module
09:08

In this video it will presented the Intruder and Comparer modules, part of Burp Suite

Intruder and Comparer Modules
14:20

In this video is presented the Burp App store, used to centralise various extensions, available to download free.

BApp Store
13:26

Just a short quiz in order to fix what you have learned

Section 2 Quiz
4 questions
+
Final words
3 Lectures 03:48

You can find some links here if you want to further learn about Burp.

Burp Proxy Help - Further Documentation
01:47

In this video I will show you a few other applications that can be used as Burp alternatives.

Preview 01:47

Thank you for chosing this course. Some final words.

Preview 00:14
About the Instructor
Gabriel Avramescu
4.1 Average rating
328 Reviews
5,084 Students
8 Courses
Senior Information Security Consultant, IT Trainer

Senior Information Security Consultant

I work in the Internet security team, focused on ethical hacking - deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary. Act as an effective participant in multidisciplinary security project team. -Scan and exploit for a wide variety of data center infrastructure and application vulnerabilities, following defined rules of engagement and attack scenarios (ethical hacking). Make recommendations on security weaknesses and report on activities and findings. - Perform Internet penetration testing (black box / white box testing) and code reviews (manual and automated) - Security lab fixed and virtual assets design for different LAN / WAN architectures - Use testing tools as NetBIOS scanning, network pinging and testing, packet crafting and analyzing, port scanning for vulnerability assessment - Perform analysis and testing to verify the strengths and weaknesses of - Web Applications and Web Services (SML, SOAP, WSDL, UDDI, etc.) - Perform analysis and testing to verify the strengths and weaknesses of a variety of operating systems, network devices, web applications, and security architectures - Assist with the development of remediation services for identified findings - Customize, operate, audit, and maintain security related tools and applications

IT Trainer

- Trainer for Web Application Hacking and Network Infrastructure Hacking - Training students for CCNA and CCNA Security Certification - Training NDG Linux Basics - Legal Main Contact - Curriculum Leader

Certifications

- OSCP

- CREST CRT (Registered Penetration Tester)

- ISO 270001 Lead Auditor

- ECSA (EC-Council Certified Professional)

- CEH (Certified Ethical Hacker)

- CEI (Certified EC-Council Instructor)

- VMWare vSphere Install, Configure, Manage

- CCNA and CCNA Security

- CCNP Routing and CCNP Switching

- Advanced Linux&InfoSEC

- Microsoft Certified Technology Specialist (MCTS/MCP 70-642): Microsoft Windows Server 2008 Network Infrastructure, etc.