Course 1 - BurpSuite Bug Bounty Web Hacking from Scratch | Episode 1: Installing Burp Suite, OWASP BWA, and Bee-Box (Bwapp)
In this lesson, you’ll learn about:
Setting up a web security testing lab to practice web application security, pentesting, and exploiting common web vulnerabilities.
Burp Suite — installation & overview: Java requirement (Oracle Java); download from portswigger.net; available editions are Community (free, limited/no scanners/payloads) and Professional (paid, includes passive/active scanners and built-in payloads); installation options are Windows executables or a cross-platform JAR.
OWASP Broken Web Applications (BWA): purpose as a vulnerable VM for learning and testing; requires VirtualBox and is imported as a ready OS image (no new VM creation); includes apps like WebGoat and Mutillidae; default VM credentials (root / OWSP DWA).
Bee-Box (bWAPP) VM: Bee-Box ships with bWAPP (a deliberately insecure web app) for hands-on practice; covers OWASP Top 10 flaws and other common issues; practice modes (low/medium/high); downloaded from SourceForge and run in virtualization software (e.g., VMware); accessed via the VM's IP address with the default bWAPP credentials (B / bug).
Practical workflow: use Burp Suite as the main inspection/proxy tool against the vulnerable VMs (BWA, Bee-Box) to practice discovery, exploitation, and remediation techniques.
Learning goal / metaphor: this episode provides your core toolkit — the primary assessment tool (Burp Suite) and two practice targets (BWA and Bee-Box) for safe, repeatable skill development.
You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy