Product Description
Learn advanced Burp Suite techniques that hackers don’t want you to know. Stay ahead of the game by hunting bugs more efficiently with useful Burp extensions. In this course, you will learn how to find interesting bugs in web applications and how to configure Burp Suite so that your testing is efficient.
Who is this course for?
This course is for anyone who is familiar with basic Burp Suite usage and wants to level up.
What will you learn about?
Upon completion of this course, you will be able to skillfully hunt for bugs such as IDORs, XSS, SQL injection, Host Header injection, SSRF and CORS misconfigurations. There is also a bonus lecture with miscellaneous tips.
DURATION: 6 hours
CPE POINTS: On completion, you get a certificate granting you 6 CPE points.
Course format:
- Self-paced
- Pre-recorded
- Accessible even after you finish the course
- No preset deadlines
- Materials are video, labs, and text
- All videos captioned
YOUR INSTRUCTOR: DHRUV KANDPAL
Dhruv Kandpal is presently working as a Threat Intelligence Analyst at Deloitte USI. He is a CEHv11 certified ethical hacker, and a self-taught bug hunter. He has reported eight vulnerabilities to four organizations in the span of the last year. He’s an adroit scripter who loves automating his day-to-day tasks. He is also a tool-maker and has created three successful open-source tools for the bug-bounty community. One of his tools, christened ‘LazyFuzzZ’, got featured in an episode of ‘Bounty Thursdays’ hosted by Stok (a famous hacker and content creator on YouTube). Dhruv has previously published his college projects ‘Phish-Me-Not’ and ‘Mal-OR-Not’ in different volumes of the reputed Hakin9 magazine. He’s a self-motivated individual who’s driven on the mission to become a master bug-hunter and a skilled cybersecurity professional in the future.
COURSE SYLLABUS
Module
Before the course
- Topics
- Set up Burp Suite with FoxyProxy.
- How does Burp work?
- How is Burp able to intercept and modify HTTPS traffic? We will answer all of these questions.
Module 1
Hunting for IDORs effectively
Broken access control is number 1 on the OWASP Top 10 (2021) list. These issues are comparatively easy to find and are often rated as high-severity (P1) findings. Learning how to hunt for IDOR (Insecure Direct Object Reference) and BAC (Broken Access Control) is essential for any good bug bounty hunter.
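The core of what the Autorize extension does for every proxied request is simple to state: replay the request with a second, lower-privileged session and compare the two responses. The following Python script, added here as an example (it is not the course's material or the Autorize extension's code), starts a throwaway local HTTP server with constructed data, exposes the same order record under a route that checks ownership and one that does not, then replays each request as a second user and reports a verdict. The route names, users and tokens are all assumed for the demo.

```python
"""
Autorize-style authorization check, added here as an example; it is not
the course's material or the Autorize extension's code. A throwaway HTTP
server (constructed data, started in-process) exposes the same order
record under two routes, one that checks ownership and one that does not.
Every request made as the victim is then replayed with a second,
lower-privileged session, which is what Autorize does for each proxied
request, and the two responses are compared.
"""
import json
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed accounts and data: each user owns exactly one order.
SESSIONS = {"alice-token": "alice", "bob-token": "bob"}
ORDERS = {"1001": {"owner": "alice", "total": 42},
          "1002": {"owner": "bob", "total": 7}}

# Ignore any proxy from the environment so the demo runs offline; in real
# use you would point this at Burp (127.0.0.1:8080) so that the replays
# show up in the proxy history.
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))


class OrdersHandler(BaseHTTPRequestHandler):
    def log_message(self, *_):          # silence per-request logging
        pass

    def do_GET(self):
        cookie = self.headers.get("Cookie", "")
        user = SESSIONS.get(cookie.partition("=")[2])
        route, _, order_id = self.path.strip("/").partition("/")
        order = ORDERS.get(order_id)
        if user is None:
            return self._send(401, {"error": "login required"})
        if order is None:
            return self._send(404, {"error": "no such order"})
        # /orders-fixed/<id> enforces ownership; /orders-idor/<id> trusts the id alone.
        if route == "orders-fixed" and order["owner"] != user:
            return self._send(403, {"error": "forbidden"})
        self._send(200, order)

    def _send(self, status, payload):
        data = json.dumps(payload).encode()
        self.send_response(status)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)


def start_server():
    server = HTTPServer(("127.0.0.1", 0), OrdersHandler)   # port 0: pick a free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


def fetch(base, path, token):
    """GET path with the given session cookie; return (status, body) even on 4xx."""
    req = urllib.request.Request(base + path, headers={"Cookie": f"session={token}"})
    try:
        with OPENER.open(req) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:
        return err.code, err.read()


def authz_check(base, path, victim_token, attacker_token):
    """Replay the victim's request with the attacker's session and compare.
    BYPASSED: attacker got the same status and body as the victim.
    ENFORCED: server answered 401/403.
    REVIEW:   same status but a different body (generic page, partial data);
              this needs a human look rather than an automatic verdict."""
    v_status, v_body = fetch(base, path, victim_token)
    a_status, a_body = fetch(base, path, attacker_token)
    if a_status in (401, 403):
        return "ENFORCED"
    if (a_status, a_body) == (v_status, v_body):
        return "BYPASSED"
    return "REVIEW"


def run_checks():
    """Start the demo server, test both routes as alice (victim) and bob (attacker)."""
    server = start_server()
    base = f"http://127.0.0.1:{server.server_port}"
    try:
        return {path: authz_check(base, path, "alice-token", "bob-token")
                for path in ("/orders-idor/1001", "/orders-fixed/1001")}
    finally:
        server.shutdown()


if __name__ == "__main__":
    for path, verdict in run_checks().items():
        print(f"{verdict:9} {path}")
```

The REVIEW verdict is the part worth keeping in mind when using the real extension: a 200 with a different body is not automatically a pass, since many applications answer unauthorized requests with a generic page and a 200 status, and only a diff of the bodies tells you whether data leaked.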
Workload: 1h
- Topics
- Exercises
Covered topics
- You will learn how to use Burp Suite with three of its extensions to find IDORs easily.
- The three extensions are AutoRepeater, Autorize and AuthMatrix.
- You will learn how to automate hunting for BAC issues.
Module 2
Hunting cross-site scripting effectively
Learn how to hunt for cross-site scripting, one of the most commonly found vulnerabilities in web applications.
Workload: 1h
- Topics
- Exercises
Covered topics
- You will learn how to leverage Burp Suite to effectively look for XSS.
- You will learn how to use match and replace rules in Burp Suite and the Logger++ extension to find XSS.
- You will learn how to use extensions such as Reflector and Reflected Parameters to find XSS.
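What extensions like Reflector and Reflected Parameters automate is a two-step check: send a unique canary wrapped around a few special characters in every parameter, then look at each place it comes back and at which characters survived unencoded, because the syntactic context decides which character a breakout needs. The script below is an added example written for this page, not the extensions' code or the course's material; the canary, the heuristics and SAMPLE_RESPONSE (a constructed page with four reflections of the same probe) are all assumptions for the demo.

```python
"""
Reflected-parameter check in the spirit of the Reflector and Reflected
Parameters extensions, added here as an example; it is not the
extensions' code or the course's material. Send a unique canary with a
few special characters in each parameter, then inspect every place it
reflects in the response: the syntactic context and which of the
characters survived unencoded decide whether an XSS payload can break out.
SAMPLE_RESPONSE is a constructed page, not a real target's output.
"""
import html
import re

CANARY = "zq7x"                      # unlikely to appear in a page by accident
SPECIALS = "<'\""                    # the characters a breakout usually needs
PROBE = CANARY + SPECIALS + CANARY   # value to put in every parameter under test


def classify_context(body, pos):
    """Guess where in the markup offset pos sits: script, attribute or text."""
    before = body[:pos].lower()
    if before.rfind("<script") > before.rfind("</script"):
        return "script"
    if before.rfind("<") > before.rfind(">"):     # an open tag has not closed yet
        return "attribute"
    return "text"


def breakout_possible(context, unencoded):
    """Heuristic: which surviving characters matter depends on the context."""
    if context == "text":
        return "<" in unencoded                      # need to open a new tag
    if context == "attribute":
        return "'" in unencoded or '"' in unencoded  # need to close the quote
    return bool(unencoded)                           # script: anything survived, look closer


def find_reflections(body):
    """One record per reflection of the probe: context, surviving characters, verdict."""
    pattern = re.escape(CANARY) + r"(.*?)" + re.escape(CANARY)
    findings = []
    for m in re.finditer(pattern, body, re.DOTALL):
        unencoded = "".join(c for c in SPECIALS if c in m.group(1))
        context = classify_context(body, m.start())
        findings.append({"context": context, "unencoded": unencoded,
                         "breakout": breakout_possible(context, unencoded)})
    return findings


# Constructed response with four reflections of the same probe:
# 1. raw in text                                  -> exploitable
# 2. HTML-encoded inside an attribute             -> safe
# 3. attribute with '<' stripped but quotes kept  -> exploitable (a quote breaks out)
# 4. raw inside <script>                          -> exploitable
SAMPLE_RESPONSE = (
    "<html><body>"
    f"<p>Results for {PROBE}</p>"
    f'<input name="q" value="{html.escape(PROBE)}">'
    f'<input name="q2" value="{PROBE.replace("<", "")}">'
    f"<script>var q = '{PROBE}';</script>"
    "</body></html>"
)


if __name__ == "__main__":
    for finding in find_reflections(SAMPLE_RESPONSE):
        print(finding)
```

The third reflection is the one that a naive "is `<` filtered?" check misses: stripping angle brackets does nothing for an attribute context, where a single quote character is enough to break out, which is why the extensions report the context alongside the reflection.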
Module 3
Learn how to effectively hunt for vulnerabilities on the fly
It is important to make your hunting process efficient, and many bug hunters struggle with this. In this module, you will learn how to make the most of your time while hunting for bugs on websites.
Workload: 1h
- Topics
- Exercises
Covered topics
- You will learn how to find issues like CORS misconfigurations, CSRF, Host Header injection and SSRF using just AutoRepeater and Logger++.
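The AutoRepeater plus Logger++ workflow comes down to two pieces: a set of replacement rules that re-send every proxied request in modified form, and response filters that highlight the answers worth looking at. The script below is an added example written for this page, not the extensions' code or the course's material. It covers two of the module's targets, Host header injection and CORS misconfiguration; the requests, the responses and the vulnerable stand-in target are all constructed, and attacker.example is an assumed collaborator hostname.

```python
"""
AutoRepeater-style request variants checked with Logger++-style response
filters, added here as an example; it is not the extensions' code or the
course's material. Each request passing through the proxy is re-sent in
a few modified forms, and every response is scanned for the signs of a
Host header injection or a CORS misconfiguration. The requests, the
responses and the stand-in target below are constructed, and
attacker.example is an assumed collaborator hostname.
"""

ATTACKER_HOST = "attacker.example"
ATTACKER_ORIGIN = "https://" + ATTACKER_HOST


def parse_http(raw):
    """Split a raw HTTP message into (start line, lower-cased header dict, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    start, *lines = head.split("\r\n")
    headers = {}
    for line in lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return start, headers, body


def build_http(start, headers, body):
    """Serialise a message again (header names stay lower-case; HTTP does not care)."""
    return start + "\r\n" + "".join(f"{k}: {v}\r\n" for k, v in headers.items()) + "\r\n" + body


def variants(raw_request):
    """Yield (rule name, modified request) for each replacement rule."""
    start, headers, body = parse_http(raw_request)
    rules = {
        "host-override": {"host": ATTACKER_HOST},
        "x-forwarded-host": {"x-forwarded-host": ATTACKER_HOST},
        "cors-origin": {"origin": ATTACKER_ORIGIN},
    }
    for name, extra in rules.items():
        yield name, build_http(start, {**headers, **extra}, body)


def check_response(rule, raw_response):
    """Return a finding string when the response shows the weakness the rule probes for."""
    _, headers, body = parse_http(raw_response)
    if rule in ("host-override", "x-forwarded-host"):
        if ATTACKER_HOST in headers.get("location", "") or ATTACKER_HOST in body:
            return f"{rule}: injected host reflected in response (reset-link / cache poisoning candidate)"
    if rule == "cors-origin":
        acao = headers.get("access-control-allow-origin")
        creds = headers.get("access-control-allow-credentials", "").lower() == "true"
        if acao == ATTACKER_ORIGIN and creds:
            return "cors-origin: arbitrary origin reflected with credentials allowed"
    return None


def fake_target(raw_request):
    """Constructed stand-in for a vulnerable app: it builds reset links from the
    (forwarded) Host header and echoes any Origin with credentials allowed."""
    start, headers, _ = parse_http(raw_request)
    host = headers.get("x-forwarded-host") or headers.get("host", "")
    if start.startswith("POST /reset"):
        return f"HTTP/1.1 302 Found\r\nLocation: https://{host}/reset?token=REDACTED\r\n\r\n"
    if start.startswith("GET /api/me"):
        origin = headers.get("origin", "")
        return (f"HTTP/1.1 200 OK\r\nAccess-Control-Allow-Origin: {origin}\r\n"
                "Access-Control-Allow-Credentials: true\r\n"
                'Content-Type: application/json\r\n\r\n{"user": "alice"}')
    return "HTTP/1.1 404 Not Found\r\n\r\n"


REQUESTS = {  # constructed captures, as Burp would hand them to an extension
    "reset": ("POST /reset HTTP/1.1\r\nHost: shop.example\r\n"
              "Content-Type: application/x-www-form-urlencoded\r\n\r\nemail=alice%40shop.example"),
    "me": "GET /api/me HTTP/1.1\r\nHost: shop.example\r\nCookie: session=abc\r\n\r\n",
}


def run_all(requests=REQUESTS, send=fake_target):
    """Map (request label, rule) -> finding or None; swap send() for a real sender."""
    return {(label, rule): check_response(rule, send(modified))
            for label, raw in requests.items()
            for rule, modified in variants(raw)}


if __name__ == "__main__":
    for key, finding in run_all().items():
        print(key, finding or "-")
```

Two checks a practitioner adds before reporting either finding: for the Host header case, confirm the reflected link is actually used (a reset e-mail, a cached page) rather than merely echoed, and for the CORS case, confirm that the endpoint returns data that is tied to the session, since an echoed origin with credentials on a public endpoint is not exploitable.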
Module 4
Miscellaneous Burp Suite Usage
Learning about some of the most useful features of Burp Suite can help improve your overall efficiency as a bug bounty hunter.
Workload: 1h
- Topics
- Exercises
Covered topics
- Burp macros
- Other useful Burp extensions
- Targeted scanning
- SSH tunnelling from a VPS so that tool output goes straight into Burp
- Using a cloud instance
Final exam
You will have to answer 20 multiple-choice questions. A minimum score of 85% is required to pass the exam.
Workload: 20 questions