Mastering Burp Suite Pro, 100% hands-on

"This is not a book about astronomy; rather, this is a book about telescopes" - PoC||GTFO Volume II


What is this training about?

Burp Suite Pro, Burp Suite Pro and Burp Suite Pro. Do not expect a generic Web penetration testing methodology. We will exclusively deal with the tooling.

What is included?

  • Four days of hands-on practice
  • An indexed and searchable slidedeck (more than 600 pages)
  • Custom configuration files for Burp Suite Pro, with the corresponding cheat-sheet of hotkeys
  • Copy of the whole training platform (around 20 containers and hundreds of challenges)
  • Burp Suite Pro installers and the corresponding temporary license
  • Access to private channels of our Discord server (technological watch, tips and tricks, help, ...)

How many attendees per session?

The number of attendees per public session is limited to 12 (twelve), in order to ensure a proper coaching.

How to be notified of future sessions?

Subscribe to the newsletter (it was created for exactly this purpose).

I want to buy severals seats. Are group discounts a thing?

Absolutely, contact us for details. Please note that for groups larger than 8 to 10 people, private sessions may be more interesting.

Are private sessions possible?

Sure! But only in online mode time for now. Contact us if interested...

Is the credit card the only payment option?

Yes, if you plan to buy online (via Stripe). However, companies may pay by wire transfer. Contact us if needed.


Who should attend?

The training is aimed at experienced Web application penetration testers and bug hunters, and will provide them with significant automation capabilities. We aim at a fast and comfortable testing workflow with as-short-as-possible feedback loops.

What are the prerequisites?

  • Working knowledge of common Web vulnerabilities (XSS, SQLi, SSRF, etc.)
  • Good knowledge of Burp Suite (at least UI navigation, traffic interception and replay)
  • A computer (no Netbooks, no Tablets, no iPads), with as much screen estate as possible
  • VNC and SSH clients, in order to connect to the Cloud-hosted workstation
  • Discord and Zoom clients, as they provide more features than the corresponding Web apps

What about newcomers?

We recommend to people new to Burp Suite to first work on their own (some free resources are listed here). Taking this training should happen later, when they are already comfortable with the tool


What is VAT?

We are based in the European Union, more precisely in France. That implies that we have, in some situations, to collect VAT (aka Value-added tax aka GST) from our customers. So don't be too surprised if you see prices "including VAT", depending on your geolocation. See below for your specific situation.

I'm not in the European Union...

If you're not buying from Europe, then no VAT is due. Short and easy...

I'm an European individual...

If you are buying from the European Union as an individual (and so have no EU VAT number), the usual process applies and we have to collect the VAT. Please contact us if you are in this situation.

I am buying for a French entity...

If you are buying for a French entity (company, public body, ...) with a valid EU VAT number, the usual process applies and we have to collect the VAT. You company will, as usual, get it back later.

I am buying for an European (but non-French) entity...

If you are buying for a non-French entity (company, public body, ...) with a valid EU VAT number , simply enter the VAT number in the tax settings dialog during checkout. VAT will be removed, according to the reverse charge rules.

I still have questions!

Yeah, taxes are complicated... Podia (the platform we use for selling) has a long and detailed article on this subject. Feel free to read it and to contact us if you have questions left!


Why this weird price of €3,133.7?

This is a long and complicated story ;-)

Who is is the copyright owner?

All the materials are and remain the intellectual and exclusive property of SARL AGARRI.

How to reuse training materials?

During the training, several items (slide deck, cheat sheet, Docker containers, etc.) are provided. Students can freely reuse them as long as they want. However, diffusion is strictly forbidden (even inside their employer or via private means).

Can I share my credentials whith a friend?

No. Communicating your login details to a third party is forbidden.

My question isn't listed. What should I do?

Don't be shy, ask us!