Just completed the training Aug (27~29) on Mastering Burp Suite Pro: 100% Hands-on.
This is one of the HITB Technical training series by Nicholas Gregoire, one of the best Burp Suite Pro subject matter expert (SME) in the world.
Day 1
- Introduction to Burp: GUI, tools, audit workflow, inline help, …
- Proxy module: scope, filters, sorting, …
- Repeater module: exploitation of the D-Link DIR-100 backdoor, efficiency tips, …
- Intruder module: covering every attack type and most payload types
Day 2
- Advanced Proxy module: live modifications, interception and manual analysis, …
- Sequencer module: token analysis
- Advanced Intruder module: reusing configuration options, non default columns, …
- Auth module: horizontal and vertical privileges escalation
Day 3
- Macros and sessions module: transparent management of anti-CSRF tokens and short sessions
- Extensions module: catalog of public extensions, developing your own, REST API, …
- Recently added tools: Collaborator, ClickBandit, Infiltrator