Mastering Burp Suite Pro, 100% hands-on

"This is not a book about astronomy; rather, this is a book about telescopes" - PoC||GTFO Volume II

Abstract

This is a training for Web hackers who want to master their toolbox.

Burp Suite Pro is the leading tool for auditing Web applications at large, but also a complex beast where new features get added every few weeks. Mastering Burp Suite Pro, including its newest features, allows testers to get the most out of the tool, optimizing time spent auditing and testing. Work will be faster (hotkeys!) and much more efficient (more tools, more possibilities!). Attendees will also learn to measure and assess the quality of their attacks, a crucial skill in real-life engagements that can make the difference between a false-negative and a critical finding.
See detailed syllabus

Early bird pricing


Discounted price: €2,800
Up to four weeks before a session!


Register early ⏰ Get €333.70 off 🎁
Contact us for the session-specific coupon

Testimonials

Fantastic training @Agarri_FR! Many useful tips and tricks even for advanced pentesters!
@Synacktiv
If you wanna take your knowledge of BurpPro to next level then @Agarri_FR's training is definitely for you! Personal experience, recommended
@rnmx123
If you think you know Burp Suite, think again and take @Agarri_FR advanced training. Awesome content & tons of great labs.
@_titon_
See all testimonials

Key learning objectives

Menial tasks (like sharing requests among the different tools, applying common encodings or navigating the GUI) should be as fast and transparent as possible, in order to free time and brain power for harder subjects.

Recurrent tasks (like brute-forcing a CSRF-protected form, frobbing an opaque blob of data, logging-in automatically or doing 1-byte fuzzing of a specific parameter) should be executed without having to think too much about it, thanks to prior rehearsals.

Advanced tasks (like managing a complex state, dealing with a custom format or testing authorizations) should be doable exclusively in Burp Suite Pro, possibly with the help of session handling rules or specific extensions.

All these tasks require testers to live-assess themselves, in order to detect as early as possible any error and to allow for correction and self-improvement.

Format

Each training session lasts four consecutive days and is run in a specific time zone (like "UTC+1" or "UTC-5"). Each day is split in two 3-hour live sessions plus a 1-hour Q&A slot. Each live session includes a 15-minute break.

Days are structured as follows:
  • 09:00 – 12:00: live session
  • 13:30 – 16:30: live session
  • 17:00 – 18:00: Q&A slot

November 2020 - French

November 3rd to 6th, 2020
UTC+1 (France, Belgium, Switzerland, Maghreb, ...)
View course Enrollment is closed

December 2020 - English

December 15th to 18th, 2020
UTC+1 (Western Europe, Africa, ...)
View course €3,133.70

January 2021 - French

January 26th to 29th, 2021
UTC-5 (Canada, USA, Brazil, ...)
View course €3,133.70

February 2021 - English

February 9th to 12th, 2021
UTC+8 (Singapore, China, Australia, ...)
View course €3,133.70

March 2021 - English

March 9th to 12th, 2021
UTC-8 (USA, Canada, ...)

View course €3,133.70

Biography

Nicolas Grégoire has nearly 20 years of experience in penetration testing and auditing of networks and (mostly Web) applications. He is an official Burp Suite Pro trainer since 2015, and trained hundreds of people since then, either privately or during public events.
Follow @Agarri_FR on Twitter