Attacking Web Applications With Burp Suite
Learn to effectively and dynamically attack web applications by discovering security weaknesses and common vulnerabilities using an industry standard methodology backed by the most comprehensive suite of web application penetration testing tools available today. The Burp Suite!
Modern enterprise organizations require stringent application security testing focusing on real world web based attack vectors and application layer threats from all angles. This course was designed by seasoned penetration testers to teach the next generation of information security professionals how to analyze complex web applications and identify security gaps before and after code gets pushed to production.
Web Penetration Testing Methodology
Discovery & Mapping
Map out your target applications: Pages, Directories, Etc, Identify user-controlled inputs
Perform manual and automated fuzzing against all identified parameters and user-controlled inputs
Scanning & Validation
Leverage an automated scanner to test all the things, identify breadth of exposure, and verify results are genuine
In a controlled manor, exploit discovered attack vectors to further quantify the potential depth of penetration
Capture all evidence screenshots GET/POST data required to generate a detailed report of your findings