Course Curriculum

(W00) Course Instructions 00:00:00
(W36M00) Pre-Course Materials 00:00:00
Module 1
(W36M01) Lab Environment Configuration 00:00:00
(W36M02) Burp CA Certificate for SSL, TLS 00:00:00
(W36M03) Invisible proxying for non-proxy aware clients 00:00:00
(W36M04) Intercepting mobile device traffic with Burp Suite - iPhone 00:00:00
(W36M05) Spider the target, site in scope, Interceptor 00:00:00
(W36M06) Host Header re-writing 00:00:00
(W36A01) M1 Exercise 1 - Explore and make configuration for a pentest engagement 30, 00:00
(W36A02) M1 Exercise 2 - Configure and use non-proxy aware clients 30, 00:00
(W36A03) M1 Exercise 3 - Automate and filter spider, target site map 30, 00:00
(W36A04) M1 Exercise 4 - Rewrite host header 30, 00:00
Module 2
(W36M11) Repeater Module 00:00:00
(W36M12) Privilege Esclation using Repeater 00:00:00
(W36M13) Unrestricted file upload - using Repeater 00:00:00
(W36M14) Advanced Intruder with multiple attack types 00:00:00
(W36M15) Data extraction and response header manipulation 00:00:00
(W36M16) Payload types and Insecure direct object reference attack 00:00:00
(W36M17) Burp macros, session handling rules with Repeater 00:00:00
(W36A05) Module 2 Exercise 1 - Use Intruder module 30, 00:00
(W36A06) Module 2 Exercise 2 - Use payloads positioning 30, 00:00
(W36A07) Module 2 Exercise 3 - Manipulate response headers 30, 00:00
(W36A08) Module 2 Exercise 4 - Configure macros for session recovery 30, 00:00
Module 3
(W36M22) Scanner Issue definition - Burp Methodologies & Scanning 00:00:00
(W36M22) Content discovery of invisible functionalities 00:00:00
(W36M23) Burp Extender - Burp APIs to make your own extensions 00:00:00
(W36M24) Bypass WAF and CO2 attack Extensions 00:00:00
(W36M25) Download: generated report for reference 00:00:00
(W36A09) Module 3 Exercise 1 - Explore the Burp Suite Professional 30, 00:00
(W36A10) Module 3 Exercise 2 - Discover the content for hidden functionalities – Burp Suite Pro Users 30, 00:00
(W36A11) Module 3 Exercise 3 - Use the various extensions from BApp store 30, 00:00
Module 4
(W36M29) Self-submitting scripts and CSRF PoC generator 00:00:00
(W36M30) Statistical analysis of session tokens using sequencer 00:00:00
(W36M31) Burp Collaborator 00:00:00
(W36M32) Burp Infiltrator attacks 00:00:00
(W36M33) Clickjacking with Clickbandit 00:00:00
(W36M34) Comparer and Decoder 00:00:00
(W36A12) Module 4 Module 4 Exercise 1 - Live capture of session tokens and analysis - All users 30, 00:00
(W36A13) Module 4 Exercise 2: Attacking with Burp Collaborator – Burp Professional users 30, 00:00
(W36A14) Module 4 Exercise 3: Attacking with Infiltrator – Burp Professional users 30, 00:00
(W36A15) Module 4 Exercise 4 - Find at least two examples of clickjacking in simulating lab - All users 30, 00:00
Final test
(W36Q01) Final Exam 00:20:00
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.
What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?

Download Free eBook

Step 1 of 4

Name(Required)

We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.