Login

Mastering Burp Suite Pro, 100% hands-on

"This is not a book about astronomy; rather, this is a book about telescopes" - PoC||GTFO Volume II

General

What is this training about?

Burp Suite Pro, Burp Suite Pro and Burp Suite Pro. Do not expect a generic Web penetration testing methodology. We will exclusively deal with the tooling.

What is included?

  • Four days of hands-on practice
  • An indexed and searchable slidedeck (more than 600 pages)
  • Custom configuration files for Burp Suite Pro, with the corresponding cheat-sheet of hotkeys
  • Copy of the whole training platform (around 20 containers and hundreds of challenges)
  • Burp Suite Pro installers and the corresponding temporary license
  • Access to private channels of our Discord server (technological watch, tips and tricks, help, ...)

How many attendees per session?

The number of attendees per public session is limited to 12 (twelve), in order to ensure a proper coaching.

What are the working hours?

Each training session runs for 4 consecutive days (usually from Tuesday to Friday) in a specific timezone. Each day goes from 09:00 to 18:00, with a lunch break from 12:00 to 13:30 and a few extra coffee breaks.

How to be notified of future sessions?

Subscribe to the newsletter (it was created for exactly this purpose).

I want to buy severals seats. Are group discounts a thing?

Absolutely, contact us for details. Please note that for groups larger than 8 to 10 people, private sessions may be more interesting.

Are private sessions possible?

Sure! But only in online mode time for now. Contact us if interested...

Is the credit card the only payment option?

Yes, if you plan to buy online (via Stripe). However, companies may pay by wire transfer (SEPA for European ones). Contact us if needed.

What about procurement platforms?

We are listed on SAP Ariba, a platform used by numerous multinationals. French public entities can use Chorus Pro (from orders to payments).

Attendees

Who should attend?

The training is aimed at experienced Web penetration testers and bug hunters. It will provide them with significant automation capabilities. We aim at a fast and comfortable testing workflow with as-short-as-possible feedback loops.

What are the prerequisites?

  • Working knowledge of common Web vulnerabilities (XSS, SQLi, SSRF, etc.)
  • Good knowledge of Burp Suite (at least UI navigation, traffic interception and replay)
  • A computer (not a netbook or a tablet), with as much screen estate as possible
  • VNC and SSH clients, in order to connect to the Cloud-hosted workstation
  • Discord and Zoom clients, as they provide more features than the corresponding Web apps

As much screen estate as possible? Really?

Yes! For this training, screen estate is paramount, as we will constantly switch between VNC, Zoom and Discord. Cheap temporary solutions, like plugging an old or borrowed monitor as a second screen, may be enough.

What about newcomers?

We recommend to people new to Burp Suite to first work on their own (some free resources are listed here). Taking this training should happen later, when they are already comfortable with the tool

I give or sell Burp related trainings. Can I register?

No. We don't accept people giving or selling Burp related courses. The goal is to protect both our intellectual property and the other side's growth, while preserving a "share everything" mood during the session itself.

Taxes

What is VAT?

We are based in the European Union, more precisely in France. That implies that we have, in some situations, to collect VAT (aka Value-added tax aka GST) from our customers. So don't be too surprised if you see prices "including VAT", depending on your geolocation. See below for your specific situation.

I'm not in the European Union...

If you're not buying from Europe, then no VAT is due. Short and easy...

I'm an European individual...

If you are buying from the European Union as an individual (and so have no EU VAT number), the usual process applies and we have to collect the VAT. Please contact us if you are in this situation.

I am buying for a French entity...

If you are buying for a French entity (company, public body, ...) with a valid EU VAT number, the usual process applies and we have to collect the VAT. You company will, as usual, get it back later.

I am buying for an European (but non-French) entity...

If you are buying for a non-French entity (company, public body, ...) with a valid EU VAT number , simply enter the VAT number in the tax settings dialog during checkout. VAT will be removed, according to the reverse charge rules.

I still have questions!

Yeah, taxes are complicated... Podia (the platform we use for selling) has a long and detailed article on this subject. Feel free to read it and to contact us if you have questions left!

Misc

Why this weird price of €3,133?

This is a long and complicated story ;-)

Who is is the copyright owner?

All the materials are and remain the intellectual and exclusive property of SARL AGARRI.

How to reuse training materials?

During the training, several items (slide deck, cheat sheet, Docker containers, etc.) are provided. Students can freely reuse them as long as they want. However, diffusion is strictly forbidden (even inside their employer or via private means).

Can I share my credentials whith a friend?

No. Communicating your login details to a third party is forbidden.

My question isn't listed. What should I do?

Don't be shy, ask us!