I’m continuing my studying for the Comptia Pentest+ and wanted to walk through another one of the rooms in the TryHackMe learning path for the Pentest+. In the video below, we reviewed and completed the tasks in the Burp Suite room. Burp Suite, is a framework of web application pentesting tools, and is arguably the most widely used tool set when it comes to conducting web pentesting. In this lab, we took a look at the basics of installing and using this tool as well as it’s various major components : Proxy, Responder, Intruder, Sequencer, Encoder/Decoder, Extender, and the Burp Suite Pro Scanner. As always, this is a lab for learning purposes only. Don’t use a tool like this on any IT systems that do not belong to you or that you don’t have authorized permission to do so.
Below I’m going to share with you my answers when going through the knowledge checks in the different tasks in the room. Definitely try to work through the problems as much as you can. In this particular room, there are a few tasks that don’t require you to answer any questions, so those tasks are omitted from the screenshots below. Make sure to follow along in the video so you understand what you need to do to get the answers below.
Burp Suite Task 4 – Overview of Features
Burp Suite Task 6 – Proxy
Burp Suite Task 7 – Target Definition
Burp Suite Task 8 – Puttin’ it on Repeat[er]
Burp Suite Task 9 – Help! There’s an Intruder!
Burp Suite Task 10 – As it turns out the machines are better at math than us
Burp Suite Task 11 – Decoder and Comparer
Burp Suite Task 12 – Installing some Mods [Extender]
Burp Suite Task 13 – But wait, there’s more!
Network Knowledge Wrap Up
Keep an eye out as I continue to work through other TryHackMe CompTIA Pentest+ rooms!
Here is the Comptia Pentest+ training book bundle I’m using. (Affiliate Link)