0
  • Home
  • Blog
  • Intercepting Mobile Traffic with Burp Suite - iPhone [FREE COURSE CONTENT]

Intercepting Mobile Traffic with Burp Suite - iPhone [FREE COURSE CONTENT]

(632 views)

In this course video by Atul Tiwari from his Mastering Burp Suite course, you will learn how to set up Burp Suite to intercept and analyze traffic going through a mobile device - in this case, an iPhone. Sounds like a useful trick to know, right? It's perfect for setting up on your own phone and playing with traffic generated by mobile apps. Enjoy and have fun with Burp! 

In that module of the course we start with setting up Burp Suite environments and play with various features of Burp Suite Professional and Burp Suite free edition to get around spidering, SSL/TLS setup, automation, rewriting host-headers, intercepting mobile devices traffic for mobile testing, invisible proxying for thick clients, CA certificate for SSL sites, setting the scope for engagement, identifying input parameters and setting various filters.

Further down the road we start tinkering with the repeater module to make a point-to-point attack. Intruder module will be used in more advanced ways with hunting for insecure direct object reference attack and placing payloads at multiple points in single attack with snipper, cluster bomb, pitch fork and battering arm. Further attacks -  bit flipping, hidden form field attack, data extraction from response, authorization and authentication attacks, brute forcing every parameters and various automated attacks to find hidden directories.

By the end of the course, we use auto-submit CSRF scripts, generate PoCs, session analysis of tokens to attack authentication and authorization, Burp Collaborator for hunting hidden bugs and security flaws that will not be caught in other pentesting, like blind XSS. Moving towards the most dangerous attack types – Clickjacking will be uncovered by Burp Clickbandit. And further we will hunt for many serious bugs using Burp Infiltrator and Out-of-Band security testing.

The access to this course is currently restricted to Hakin9 Premium or IT Pack Premium Subscription.

[custom-related-posts title="Courses instructed by Atul:" none_text="None found" order_by="title" order="ASC"]

April 25, 2022
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
Get unlimited access

Become an Instructor

Become a Reviewer

Writing on Hakin9

LOOKING for a JOB in IT security?



© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.
Please review your information and consent to the processing of your personal data.(Required)
What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?
Please review your information and consent to the processing of your personal data.(Required)

Download Free eBook

Step 1 of 4

Name(Required)

We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.