Om A Complete Guide to Burp Suite
Chapter 1: Introduction to Burp SuiteChapter Goal: Introduce the Burp suite to the users explaining its need and a high-level overview. It would set the context for rest of the chapters. No of pages - 6-8
Subtopics
1. Introduction to application security testing
2. Some basics of application security
3. A brief introduction to Burp Suite
4. Need for Burp Suite
5. Peer comparison
6. Burp Suite features and versions
7. High level feature overview
Chapter 2: Setting up the environment Chapter Goal: Help the readers to setup the testing environment for rest of the chapters
No of pages 6
Subtopics
1. Burp Suite installation
2. Setting up vulnerable target web application
3. Configuring the browser
4. Using the Burp Suite CA certificate
Chapter 3: User options, project options, proxy Chapter Goal: Introduce the readers to the user options, project options and proxy tab of Burp Suite. These are some basic building blocks to get started further.
No of pages 20-25
Subtopics
1. Platform authentication, upstream proxy servers, SOCKS proxy
2. Defining the hotkeys
3. Automatic project backups
4. Rest API
5. Proxy interception, proxy history logging
6. Performance feedback
7. Project Options - Time outs, host name resolution, out of scope requests, redirections, TLS configuration, session handling rules, cookie jar and macros
8. Proxy - Intercept, HTTP History, web socket history and options
Chapter 4: Dashboard, target, engagement tools
Chapter Goal: Introduce the readers to the dashboard, target tabs and the engagement tools
No of pages 10-15
Subtopics
1.Dashboard overview
2.Target Tab - introduction to various panes, filters
3.Engagement tools
Chapter 5: Intruder Chapter Goal: Introduce the readers to the Burp Suite intruder tool.
No of pages 10
Subtopics
1. Target tab
2. Positions
3. Payloads
4. Options
Chapter 6: Repeater, sequencer, decoder and comparer
Chapter Goal: Introduce the readers to repeater, sequencer, decoder and comparer
No of pages 10 - 15
Subtopics
1. Repeater - request and response, search filters, show response and render
2. Sequencer - Live capture, manual load and analysis options
3. Decoder - Encoding, Decoding and Hashing
4. Efficiently using comparer
Chapter 7: Infiltrator, Collaborator and Clickbandit
Chapter Goal: Introduce the readers to infiltrator, collaborator and clickbandit tools
No of pages 10-15
Subtopics
1. Infiltrator - patching the java binaries
2.
Vis mer