Null offensive hacking hands-on training.
Proposed sessions for this event:
- Penetration Testing Web Application and Web Services with Burpsuite by Praveen Kumar K
- Penetration Testing Web Application and Web Services with Burpsuite by Arun.S
Registrations will close on May 4th 10:00 PM or when the registration count reaches 40 (which ever happens first). Only the participants who registered will be sent a confirmation email with the venue details.
Burp Suite Essentials
• Basics of burp suite and Proxy configuration, local and remote proxy.
• Invisible proxy for thick clients
• Import Burp SSL cert in Firefox
• Site map, Scope, filters, highlight , Compare site map
• Socks proxy – SSH, Tor
• Spider, Repeater, Sequencer, Decoder, Comparer, Project Options, User Options, Alerts.
Burp Suite Tips and Tricks
• User Options
• History auto scroll
Burp Suite Intruder
• Limitations of burp free version intruder ,
• compensating with dirbuster and other brute force tools
• Payload from seclist
• Payload processing
• Grep match
Burp Suite Extensions
• Free and Pro Extensions
• Automatic and Manual Installations – setting lib in folder
• Default Data parsing by burp - Parameters, XML, AMF, Viewstate
Pen testing Web application and Web service with Burp Suite
• Mapping Web application
• OWASP Top 10 vulnerabilities
• Chain Postman with Burp for web services testing
Please read the following hardware and software pre-requisites carefully. This will enable us to have a smooth, hassle free session.
Hardware pre-requisites (Mandatory)
• A laptop capable of running Virtual Box. You can test this by installing Virtual Box and creating a test VM.
• Atleast 4 GB of RAM
• Atleast 20 GB of free space (to copy the VM that will be distributed)
• x64 bit Laptop with full administrative access to avoid the setup issues.
Software pre-requisites (Mandatory)
• Oracle Virtual Box (Any version higher than 5.1). Please install this and come before the session. VMWare folks will be on their own.
• You can also download the Virtual Box Setup, Extension Packs, .ova file & other tools from this link: Link
• Please import the shared.ova file in Virtual Box before coming to the session and make sure it’s up & working. (If you couldn’t setup, please come to the venue 30mins prior to the session.)
• Burp Suite Free Edition (Jar File).
• Firefox/Chrome with Foxy Proxy/Proxy Switchy Sharp Add-on.
|Date||Saturday May 06 2017|
|Event Type||Invite Only|
|Start Time||09:30 AM|
|End Time||06:00 PM|
|Name||Speaker||Start Time||End Time||Resources|
|Penetration Testing Web Application and Web Services with Burpsuite||Praveen Kumar K||09:30 AM||06:00 PM|
|Penetration Testing Web Application and Web Services with Burpsuite||Arun.S||09:30 AM||06:00 PM|