Master Burp Suite in Just 1 Hour 🕒
Learn how to use Burp Suite efficiently in only 1 hour with this practical guide, avoiding lengthy technical docs.

Netsec Explained
318.0K views • Sep 20, 2023

About this video
One of the most common problems with modern tutorials for tools is that they tend to sound a lot like man-pages or documentation. For instance, they'll tell you all about the little command flags, all the little buttons you can click on; but something that they seem to miss out on is "WHY you would use each of these options?"
So, for this video, we're going to do things a little different. Instead, I'm going to walk you through a typical pentest, and we're going to see where you should use each tool within Burp Suite along the way.
* How to spin up Juice Shop on Docker - https://www.youtube.com/watch?v=xwcPgeEFnuM
* Juice Shop Heroku - https://juice-shop.herokuapp.com/
0:00 Intro
0:57 Setup
1:57 Reconnaissance Steps
2:16 Application Mapping
5:42 Parameter Tampering
9:44 Finding Secrets
14:01 Registration/Login Flow
20:03 Analyzing JWT Tokens
23:16 Special Message
25:25 Exploiting IDOR
26:21 Burp Intruder Workflow
28:06 Advanced Intruder Settings
33:03 Finding Logic Flaws
37:30 Exploiting Logic Flaws
39:31 Success & Homework for you
40:23 Putting it all together (Another logic flaw)
49:26 Stealing Christmas
49:52 How you know you're done
50:50 Wrap up
#infosec #bugbounty #pentesting #hacking #cybersecurity #burpsuite
Video Information
Views: 318.0K
Likes: 8.5K
Duration: 51:29
Published: Sep 20, 2023
User Reviews: 4.8 (63)