Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

exploit server

sania | Last updated: Jan 23, 2021 11:36PM UTC

Hi, How do I create an exploit server (like the one in portswigger.net academy) to use for pen-testing of real client's website? In other words, what do I need to be able to craft an exploit that is send to a vulnerable website/server and to be able to view logs, etc? Perhaps, I need a domain name, a virtual machine?

sania | Last updated: Jan 26, 2021 10:37PM UTC

Hello, Okay, you might think I am clueless and you are right. Any directions where you can point me to get myself educated would be appreciated. I have started learning online about pen-testing and Burp during the pandemics. I quit being a dental hygienist in the hope of being able to work from home one day. So I won't be offended if you tell me I need to go back to the basics.

Michelle, PortSwigger Agent | Last updated: Jan 27, 2021 10:58AM UTC

Thanks for getting in touch and good luck with your new journey :-) The Exploit Server is just something that we use in our Web Academy in order to make delivering exploits easier for the user. Some of the topics covered would require you to host exploits for victim users to access - we simulate this with the Exploit Server and dummy victim users. In a real-world scenario, you would likely have to have your own server setup in order to host and deliver exploits. Our support service is here to provide technical advice around Burp Suite itself but we have many users participating in this forum who may be happy to share their experiences and tips on resources they have used to get themselves started. You might also enjoy this article and checking out some of the other resources mentioned in it: https://portswigger.net/research/so-you-want-to-be-a-web-security-researcher

sania | Last updated: Jan 27, 2021 06:02PM UTC

Michelle, Thanks for your helpful response. I have so much to learn.

Prince | Last updated: Apr 12, 2024 10:20AM UTC

Hey Sania, how you created your own exploit server can you explain please?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.