- [Instructor] While there are many tools for web testing,…Burp Suite is the tool of choice…for most pen testers…and is the tool used for the pen testing series…of courses.…The Burp Suite Free Edition comes…as one of the tools prebuilt into Kali…in the Applications, Web Applications Analysis menu,…and it appears on the Favorites toolbar.…Let's start it up.…The Free Edition only allows temporary projects…and a license is required if we want…to store projects on disk,…which is usually required…when doing a full customer website test.…
However, the temporary project will be fine…for our testing.…Burp Suite creates a new project…and opens the main screen.…The Burp Suite menu is at the top left…and offers five main menu items,…Burp, Intruder, Repeater, Window, and Help.…Below the menu is the Burp Activity tabs.…These allow the various types of Burp activity to be run.…Let's initially select Scanner.…Here we get a description of the Burp Suite.…
The first tab is Target,…which has two of its own tabs called Site and Scope.…
Author
Malcolm Shore
Released
10/23/2017Cybersecurity expert Malcolm Shore reviews popular pen testing tools, as well as the Bash and Python scripting skills required to be able to acquire, modify, and re-use exploit code. He also provides a refresher on Kali Linux and introduces techniques for testing web services. At the end of this course, you'll be prepared to take more advanced training, and to pursue the popular Offensive Security Certified Professional (OSCP) certification.
- Pen testing overview
- Pen testing tools
- Bash scripting
- Python scripting
- Kali and Metasploit
- Web testing
- Finding exploit code
Skill Level Intermediate
Duration
Views
-
Introduction
-
Welcome1m 14s
-
Course disclaimer1m 8s
-
-
1. What is Pen Testing?
-
Pen testing overview8m 54s
-
The cyber kill chain7m 1s
-
-
2. Pen Testing Tools
-
An Nmap refresher4m 33s
-
A Netcat refresher4m 39s
-
-
3. Bash Scripting
-
Refreshing your bash skills2m 29s
-
Using functions in bash1m 19s
-
-
4. Python Scripting
-
Using the system functions1m 47s
-
Using networking functions1m 47s
-
Working with websites3m 48s
-
Accessing SQLite databases1m 51s
-
5. Kali and Metasploit
-
A Kali refresher2m 23s
-
Fuzzing with Spike2m 38s
-
A refresher on Metasploit4m 48s
-
Exploiting with Armitage6m 8s
-
-
6. Web Testing
-
Approaching web testing3m 31s
-
Fingerprinting webservers4m 44s
-
-
7. Understanding Exploit code
-
Exploiting a target8m 26s
-
Understanding code injection14m 15s
-
Finding exploit code2m 35s
-
-
Conclusion
-
What's next1m 27s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Testing websites with Burp Suite