This workshop provides testers and developers with an overview of how the Burp Suite can be used for web testing. Even though Burp is primarily designed for penetration testers, its sophisticated feature set also makes it a great tool for anyone doing general bug hunting in web applications.

Participants will gain a general understanding of how web applications work under the hood, how to use Burp for troubleshooting and how to utilize its toolset to re-create error conditions through manual HTTP traffic manipulation. In the final steps, we'll take an in-depth look into how to leverage the Burp API through Python in convoluted scenarios.


Topics outline


The objective of the course is to provide the participants an overview of intercepting proxies and how they can be used for non-pentest related scenarios. By the end of the course the participants: