Ainda falando sobre Burp Suíte, encontrei mais um conjunto de vídeos bem bacanas e focados na galera que está começando a utilizar a ferramenta.

kaoticcreations Series:

http://kaoticcreations.blogspot.gr/2011/11/burp-suite-part-i-intro-via-sql.html

http://kaoticcreations.blogspot.gr/2011/11/burp-suite-part-ii-sql-authentication.html

http://kaoticcreations.blogspot.gr/2011/12/burp-suite-part-iii-lfi-exploitation.html

http://kaoticcreations.blogspot.gr/2012/01/burp-suite-part-v-mapping-target.html

http://kaoticcreations.blogspot.gr/2011/12/burp-suite-part-iv-lfi-exploit-via-log_20.html

http://kaoticcreations.blogspot.gr/2012/01/burp-suite-part-vi-more-fun-exploiting.html

http://kaoticcreations.blogspot.gr/2012/01/burp-suite-part-vii-lfi-exploit-via.html

You will need these:
http://uppit.com/qx1pyr8fze7n/burp.zip
http://uppit.com/crmbg2zgg5b8/burp_pack.zip

SANS Tutorial for BURP Intruder :

http://www.sans.org/reading-room/whitepapers/testing/fuzzing-approach-credentials-discovery-burp-intruder-33214?show=fuzzing-approach-credentials-discovery-burp-intruder-33214&cat=testing

BURP Suite tutorials by Jeremy Druin (webpwnized):

http://www.youtube.com/user/webpwnized/search?query=burp-suite

 

Mais um link com um material bem bacana. .

http://thenewbostonstore.com/products/website-security-and-penetration-testing-with-burp-suite

Atualização***

Acabei encontrando mais estes links aqui:

How to pentest iphone apps with BURP:
http://jordan-wright.github.io/blog/2013/11/07/how-to-pentest-iphone-apps-with-burp/

“Reversing” Non-Proxy Aware HTTPS Thick Clients w/ Burp

http://blog.spiderlabs.com/2014/02/reversing-non-proxy-aware-https-thick-clients-w-burp.html

O download da ferramenta poderá ser feito a partir do seguinte link, tendo como senha labmentor.net

 

Compartilhar:

Deixe uma resposta

Fechar Menu