Start of the RED TEAM SERIES - Introduction to BurpSuite Part I
A comprehensive guide to the ultimate web app pentesting tool
Hello Hoodies.
I’m SO EXCITED to finally introduce you to the RED TEAM SERIES.
But first…
We still have seats left in the Zero to Hoodie Cybersecurity Bootcamp - Cohort 0.
We sold out of the first 10 seats in 25 hours, so we added instructors, a second section, and 10 more seats.
If you want to get in on this fast-paced 12-week fast track to a cyber career, register now:
If you want to learn this content self-paced, you still can for $20/month, and join the 8 hoodies making a combined total of almost $600,000:
Enough promotion - let’s dive in!
The RED TEAM SERIES is here to teach you how to hack.
While it is true that I’m a Certified Ethical Hacker, I have not done nearly as much in the field in the way of penetration testing as others have done.
So to bring you the best that Kali Linux has to offer, I’ve partnered with a hoodie who will go by the name of “Hoodie X”.
He’s been in the game for a long time and it shows. He’s going to be helping me write the RED TEAM SERIES.
The goal of this series is multipart:
Teach you how to use tools
Use them to complete CTFs so you can see how they’re used in practice
For this post, we’ll be using Burp Community Edition (the free one), but Burp Pro has some sweet features that make it worth your while if you’re going to do pentesting full time.
Even in my limited pentesting experience, I’ve used Burp MANY TIMES both professionally and for CTFs (and there are things in this post that I learned about myself!)
Prerequisites required are a STRONG understanding of Networking and the following stack post on HTML Forms (this is where it really matters):
Now let’s get going!
Hey there, Hoodies! In this article, you will get to see the famous and most used web application penetration testing tool BurpSuite in action.
You will see everything from installing Burp Suite to using it to find real vulnerabilities in web applications. Let’s dive into it.
What is BurpSuite?
BurpSuite is a VAPT (Vulnerability Assessment and Penetration Testing) tool for web applications.
Using Burp Suite, you can intercept any web request and response, including HTTPS, and tamper with them on the fly to find vulnerabilities in web applications.
Burp combines some very useful tool sets like a proxy, repeater, intruder, decoder, etc.
It has three editions. These are the Community Edition, Professional Edition, and the Enterprise Edition.
In this blog, we will be looking at the Community Edition because it’s completely free of cost. To know more about the editions, you can check out PortSwigger.
Installation
Kali Linux (Debian)
Most beginners use Kali Linux at the start. So, in Kali Linux, installing Burp Suite is very easy.
Just use these two commands: `sudo apt update` and `sudo apt install burpsuite`. That's it. Now just type `burpsuite` in the terminal and you will see Burp running.