week 2 tutorial
week 2 tutorial
- check everyone is setup to go (mTLS + burp setup)
- admin/intro to course
- course resources/tips and ways to search for things
- intro challenges (off popular vote)
- TOPIC 1
- repeater & intruder & historian (burp fundamentals)
- HAAS
- beep boop
- avast ye
- no comment
- TOPIC 2
- mTLS
- sales
- support v0
- OAuth Demo
- epic router
- what is a JWT?
- MFA
- TOPIC 1
- hints w/ any of the other challenges
- topic 2 challenges
lecture content
Lectures:
admin
some internet basics, TCP, DNS
* writing a basic HTTP server in Python
* request/response format
* html
* forms
* headers
* GET/POST and url encoding
* equiv in Flask
* showing some burp usage in all that
* extended: recon (e.g. dirbuster, subdomain stuff)