تقييمات الطلاب
( 5 من 5 )
١ تقييمات
فيديو شرح Complete Guide to BurpSuite Intruder TryHackMe Junior Penetration Tester ضمن كورس اختبار اختراق المواقع شرح قناة Motasem Hamdan Cyber Security & Tech، الفديو رقم 27 مجانى معتمد اونلاين
In this video walk-through, we covered BurpSuite Intruder, Comparer, Sequencer and Extender as part of TryHackMe Junior Penetration Tester Pathway.
Receive Cyber Security Field, Certifications Notes and Special Training Videos
https://www.youtube.com/channel/UCNSdU_1ehXtGclimTVckHmQ/join
Writeup
https://motasem-notes.net/complete-guide-to-burpsuite-intruder-tryhackme-junior-penetration-tester/
TryHackMe Burp Suite: Intruder & Burp Suite: Other Modules
https://tryhackme.com/room/burpsuiteintruder
https://tryhackme.com/room/burpsuiteom
Store
https://buymeacoffee.com/notescatalog/extras
Patreon
https://www.patreon.com/motasemhamdan
Instagram
https://www.instagram.com/mastermindstudynotes/
Google Profile
https://maps.app.goo.gl/eLotQQb7Dm6aiL8z6
LinkedIn
[1]: https://www.linkedin.com/in/motasem-hamdan-7673289b/
[2]: https://www.linkedin.com/in/motasem-eldad-ha-bb42481b2/
Instagram
https://www.instagram.com/mastermindstudynotes/
Twitter
https://twitter.com/ManMotasem
Facebook
https://www.facebook.com/motasemhamdantty/
0:00 - Introduction and Overview of Burp Suite Tools
0:14 - Focus on Burp Suite Intruder Module
0:59 - Proxy Setup and Intercepting Requests
2:14 - Using Burp Suite Intruder for Brute Force Attacks
4:08 - Sending Requests to Intruder and Configuring Payloads
6:28 - Understanding Attack Types in Intruder
10:54 - Sniper Mode Explanation and Usage
11:55 - Battering Ram Mode Explanation
13:21 - Pitchfork Mode for Multiple Payloads
15:14 - Cluster Bomb Mode for Exhaustive Combinations
16:27 - Using Cluster Bomb for Credential Testing
19:00 - Monitoring Response Length for Successful Attempts
19:52 - Example Username and Password Found
20:58 - Fuzzing Support Tickets with Burp Suite Intruder
23:15 - Setting Up Intruder for URL Parameter Fuzzing
25:37 - Generating a Wordlist for Fuzzing
27:27 - Running Intruder Attack for Fuzzing Support Tickets
29:11 - Finding the Flag in Support Ticket Number 83
29:44 - Introduction to Other Burp Suite Modules
31:00 - Testing Session Cookies and CSRF Tokens with Macros
33:00 - Using Macros to Test Cookie Strength
34:31 - Explanation of Burp Suite Decoder Tool
35:12 - Base64 Encoding and Decoding Example
36:28 - URL Decoding with Burp Suite
37:16 - Encoding and Decoding Multiple Formats (Base64, Hex, Octal)
38:05 - Hashing Data with Burp Suite
39:01 - Finding the Correct SSH Key Using MD5 Hashes
41:53 - Overview of Burp Suite Comparator and Sequencer
42:42 - Using Burp Suite Sequencer to Test Session Cookie Randomness
46:10 - Analyzing CSRF Token Entropy with Sequencer
47:14 - Conclusion and Final Thoughts on Burp Suite Tools