Course Curriculum

(W00) Course Instructions 00:00:00
(W36M00) Pre-Course Materials 00:00:00
Module 1
(W36M01) Lab Environment Configuration 00:00:00
(W36M02) Burp CA Certificate for SSL, TLS 00:00:00
(W36M03) Invisible proxying for non-proxy aware clients 00:00:00
(W36M04) Intercepting mobile device traffic with Burp Suite - iPhone 00:00:00
(W36M05) Spider the target, site in scope, Interceptor 00:00:00
(W36M06) Host Header re-writing 00:00:00
(W36A01) M1 Exercise 1 - Explore and make configuration for a pentest engagement30, 00:00
(W36A02) M1 Exercise 2 - Configure and use non-proxy aware clients30, 00:00
(W36A03) M1 Exercise 3 - Automate and filter spider, target site map30, 00:00
(W36A04) M1 Exercise 4 - Rewrite host header30, 00:00
Module 2
(W36M11) Repeater Module 00:00:00
(W36M12) Privilege Esclation using Repeater 00:00:00
(W36M13) Unrestricted file upload - using Repeater 00:00:00
(W36M14) Advanced Intruder with multiple attack types 00:00:00
(W36M15) Data extraction and response header manipulation 00:00:00
(W36M16) Payload types and Insecure direct object reference attack 00:00:00
(W36M17) Burp macros, session handling rules with Repeater 00:00:00
(W36A05) Module 2 Exercise 1 - Use Intruder module30, 00:00
(W36A06) Module 2 Exercise 2 - Use payloads positioning30, 00:00
(W36A07) Module 2 Exercise 3 - Manipulate response headers30, 00:00
(W36A08) Module 2 Exercise 4 - Configure macros for session recovery30, 00:00
Module 3
(W36M22) Scanner Issue definition - Burp Methodologies & Scanning 00:00:00
(W36M22) Content discovery of invisible functionalities 00:00:00
(W36M23) Burp Extender - Burp APIs to make your own extensions 00:00:00
(W36M24) Bypass WAF and CO2 attack Extensions 00:00:00
(W36M25) Download: generated report for reference 00:00:00
(W36A09) Module 3 Exercise 1 - Explore the Burp Suite Professional30, 00:00
(W36A10) Module 3 Exercise 2 - Discover the content for hidden functionalities – Burp Suite Pro Users30, 00:00
(W36A11) Module 3 Exercise 3 - Use the various extensions from BApp store30, 00:00
Module 4
(W36M29) Self-submitting scripts and CSRF PoC generator 00:00:00
(W36M30) Statistical analysis of session tokens using sequencer 00:00:00
(W36M31) Burp Collaborator 00:00:00
(W36M32) Burp Infiltrator attacks 00:00:00
(W36M33) Clickjacking with Clickbandit 00:00:00
(W36M34) Comparer and Decoder 00:00:00
(W36A12) Module 4 Module 4 Exercise 1 - Live capture of session tokens and analysis - All users30, 00:00
(W36A13) Module 4 Exercise 2: Attacking with Burp Collaborator – Burp Professional users30, 00:00
(W36A14) Module 4 Exercise 3: Attacking with Infiltrator – Burp Professional users30, 00:00
(W36A15) Module 4 Exercise 4 - Find at least two examples of clickjacking in simulating lab - All users30, 00:00
Final test
(W36Q01) Final Exam 00:20:00
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013
CYBER MONDAY IS HERE! Get your 30% OFF
Use the code: H9CYBER
x