Syllabus
Intro
Gin & Juice Shop
Burp Suite Crash Course ~5 mins
Burp: What is it?
Burp: Setup/FoxyProxy
Burp: Interceptor
Burp: HTTP History
Burp: Repeater
Burp: Intruder
Burp: Sequencer
Burp: Collaborator
Burp: Decoder
Burp: Comparer
Burp: Logger
Burp: Extensions
Burp: Site map target
Burp: Spider crawler
Burp: Scanner
Burp: Scope
Burp: Crawl and Audit authenticated
Burp: Live audit scoped
Explore website functionality
Waiting for vulnerability scanner
Review scan results
Try to catch more issues
Generate report
Review high/med/low/info issues
Regenerate report
Conclusion
Taught by
CryptoCat