Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Academy : Is there a Newbie "Academy 101" How to document / URL

David | Last updated: Jun 10, 2024 04:04PM UTC

So I see 3 pointers to getting started : 1. read, 2. practise , 3. track I really need a pointer to option 2 - practise - Can I use Burp Suite Community Edition for all/most of the labs ?. I'm doing this off my own time and cash (if required) and am not looking to do this as a career (I'm way too old !) - but as a exercise in learning. I did some simple HTB CTF's last year and there were some pointers on getting started - e.g. create a VM with Kali and setting up a connection to the HTB servers - which is all I needed to have some fun. - Is there something I can read /view to do the same with the lab's in the Academy ? - don't want the lab answers - just a pointer to say -1. Create a VM, Install ABC on it, point off to www.<some academy URL>.com and then watch this video (yes there is on on this) for trying your first scan / manipulate the URL and resend to the site.. Sorry if this is simplistic for most people who come here.. but like Michaelangelo at 87 - I'm still learning.

Ben, PortSwigger Agent | Last updated: Jun 11, 2024 06:47AM UTC

Hi David, Yes, you can use the free Burp Community edition for around 95% of the labs (there are a small hand full of labs that do require the use of Burp Professional due to using the Burp Collaborator tool but the vast majority do not). With Burp installed on your machine all you really then need is to sign up to an account on our Web Academy and you can view the learning materials and access the labs, for free, from your browser. If you are completely new to Burp and the world of web application testing you can also follow the 'getting started' guide on the page below to get to grips with some simple tasks (such as proxying your HTTP traffic, modifying requests, manually sending requests with Repeater etc): https://portswigger.net/burp/documentation/desktop/getting-started We have recently started creating topic learning paths which should help guide users through specific topics (both in terms of learning and then practicing the output of this learning in the appropriate lab). The recommendation would be to start with the SQL Injection or Authentication learning paths (these are probably, conceptually, the easiest topics to understand) and work your way through them. Good luck in your journey!

David | Last updated: Jun 13, 2024 03:56PM UTC

Many thanks for the link - Just what I'm after. If there isn't one - could I suggest that the academy has a link to the URL posted above. I'll crack on with the learning paths suggested and have a bash (no pun intended) at the labs.

Hannah, PortSwigger Agent | Last updated: Jun 14, 2024 12:11PM UTC