Burp Web Security Academy – Apprentice Labs Walkthrough

Master the basics of Web Application Penetration Testing

Created by: Martin Voelk
Senior IT Security Consultant and Instructor

What Will I Learn?

• basic web application vulnerabilities
• getting started in web application penetration testing
• getting started in web application bug bounty
• preparing for the Burp Suite Certified Practitioner (BSCP) certification
• 52 ethical hacking & security videos
• Burp apprentice labs solved and explained step by step
• SQL injection
• Cross-site scripting (XSS)
• Cross-site request forgery (CSRF)
• Clickjacking
• Cross-origin resource sharing (CORS)
• XML external entity (XXE) injection
• Server-side request forgery (SSRF)
• OS command injection
• Directory traversal
• Access control vulnerabilities
• Authentication
• WebSockets
• Insecure deserialization
• Information disclosure
• Business logic vulnerabilities
• HTTP Host header attacks
• OAuth authentication
• File upload vulnerabilities
• JWT
• Essential skills
• Prototype pollution
• GraphQL API vulnerabilities
• Race conditions
• NoSQL injection
• API testing
• Web LLM attacks
• Web Cache Deception
• Apprentice Mystery Labs

Requirements

• Basic IT Skills
• Basic understanding of web technology
• No Linux, programming or hacking knowledge required
• Computer with a minimum of 4GB ram/memory
• Operating System: Windows / Apple Mac OS / Linux
• Reliable internet connection
• Burp Suite Community (Pro optional)
• Firefox Web Browser

Target audience

• Anybody interested in learning basic ethical web application hacking / penetration testing
• Anybody interested in learning basic ethical web application bug bounty hunting
• Anybody interested in learning how hackers hack web applications
• Developers looking to expand on their knowledge of vulnerabilities that may impact them
• Anyone interested in application security
• Anyone interested in Red teaming
• Anyone interested in offensive security