Null offensive hacking hands-on training.
Proposed sessions for this event:
- Penetration Testing Web Application and Web Services with Burpsuite by Praveen Kumar K
- Penetration Testing Web Application and Web Services with Burpsuite by Arun.S
Registrations will close on May 4th 10:00 PM or when the registration count reaches 40 (which ever happens first). Only the participants who registered will be sent a confirmation email with the venue details.
Topics
Burp Suite Essentials
• Basics of burp suite and Proxy configuration, local and remote proxy.
• Invisible proxy for thick clients
• Import Burp SSL cert in Firefox
• Site map, Scope, filters, highlight , Compare site map
• Socks proxy – SSH, Tor
• Spider, Repeater, Sequencer, Decoder, Comparer, Project Options, User Options, Alerts.
Burp Suite Tips and Tricks
• User Options
• History auto scroll
Burp Suite Intruder
• Limitations of burp free version intruder ,
• compensating with dirbuster and other brute force tools
• Payload from seclist
• Payload processing
• Grep match
Burp Suite Extensions
• Free and Pro Extensions
• Automatic and Manual Installations – setting lib in folder
• Default Data parsing by burp - Parameters, XML, AMF, Viewstate
• Data Parsing with Extensions - Json Decoder, javascript
Pen testing Web application and Web service with Burp Suite
• Mapping Web application
• OWASP Top 10 vulnerabilities
• Chain Postman with Burp for web services testing
Please read the following hardware and software pre-requisites carefully. This will enable us to have a smooth, hassle free session.
Hardware pre-requisites (Mandatory)
• A laptop capable of running Virtual Box. You can test this by installing Virtual Box and creating a test VM.
• Atleast 4 GB of RAM
• Atleast 20 GB of free space (to copy the VM that will be distributed)
• x64 bit Laptop with full administrative access to avoid the setup issues.
Software pre-requisites (Mandatory)
• Oracle Virtual Box (Any version higher than 5.1). Please install this and come before the session. VMWare folks will be on their own.
• You can also download the Virtual Box Setup, Extension Packs, .ova file & other tools from this link: Link
• Please import the shared.ova file in Virtual Box before coming to the session and make sure it’s up & working. (If you couldn’t setup, please come to the venue 30mins prior to the session.)
• Burp Suite Free Edition (Jar File).
• Firefox/Chrome with Foxy Proxy/Proxy Switchy Sharp Add-on.
Date | Saturday May 06 2017 |
---|---|
Chapter | Bangalore |
Registrations | 38 |
Max Registrations | 40 |
Event Type | Invite Only |
Start Time | 09:30 AM |
End Time | 06:00 PM |
Session Schedule
Name | Speaker | Start Time | End Time | Resources |
---|---|---|---|---|
Penetration Testing Web Application and Web Services with Burpsuite | Praveen Kumar K | 09:30 AM | 06:00 PM | |
Penetration Testing Web Application and Web Services with Burpsuite | Arun.S | 09:30 AM | 06:00 PM |