for Application Security Professionals
A deep dive into many of the features of Burp Suite Professional Edition, one of the pieces of software most utilized by application security professionals. The curriculum includes, but is not limited to, the following:
The basics (plus a lot of nuggets on how I set it up and use it in my personal application security testing projects and penetration testing assessments)
Advanced scoping (simple and with regex)
Sitemap and Scanner (plus how I filter for noise traffic so that I can have a seamless testing experience)
Repeater (probably the most utilized feature of this toolkit, and one of my favorite features)
Intruder (and different types of attacks depending on the context you find yourself in)
Decoder (how to encode/decode different types of inputs on the go, without having to use other external tools)
Comparer (byte-to-byte and word-to-word comparison of different inputs - very useful in authorization testing)
Sequencer (with an insightful use case where we determine the entropy of a token)
BApp Store (and my top favorite extensions)
and many more, including practical examples and how I use Burp Suite myself as an AppSec professional.
This course uses Burp Suite Professional Edition. You do not need to own a professional edition of this software, but it would be preferable if you did, as it would allow you to closely replicate all the practical examples in the course.