Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Login to post

Great academy, but could do with a few minor improvements

Lucas | Last updated: Jan 09, 2023 06:58PM UTC

The first would have to be the wiener:peter login id and password. It's a bit childish. I can understand the humor, but I bet it's gonna rub women the wrong way. Just a minor thing. The main issue I have is with the Business Logic Vulnerability section. There should be some kind of hint given or better examples. Like for the "Inconsistent handling of exceptional input" section, there could be a hint that says: "I wonder what would happen with a really long email?" It would just point the person in the right direction. Or the "Low-level logic flaw" there could be a hint like, "How many products are too many?" I can't imagine anyone solving these things without spending a multitude of hours trying to figure this stuff out. While I understand finding things like this in the wild would take a long time, this should be focused more on learning and not having to spend a crazy amount of time trying to even guess at the right direction. I really love what you have all done though, thanks for creating this!!

Lucas | Last updated: Jan 09, 2023 07:33PM UTC

I think just those 2 business logic examples were the problem children. The rest of them are easy enough to figure out.

Michelle, PortSwigger Agent | Last updated: Jan 10, 2023 02:21PM UTC

Thanks for the feedback. We've passed that on to the team :)

You need to Log in to post a reply. Or register here, for free.