What are the most common security vulnerabilities in web applications? What does an attacker need to do to find and exploit them? And how can developers protect their web applications against them? Answers to these questions as well as practical hands-on examples are provided by PortSwigger’s Web Security Academy.
The Web Security Academy (PortSwigger) is an open-access online education platform with detailed explanations and exercises on currently more than 20 types of vulnerabilities that can be found in web applications. In April 2019, the platform was launched by PortSwigger, the same company behind the “Burp Suite” – the Swiss army knife for web app penetration testing. Although the Academy, including the voluntary certification, is aimed at Burp Suite users, web developers and other security enthusiasts can also benefit from the informative and interactive learning materials.
Is the Web Security Academy perhaps something for you or for your employees? To make it easier for you to answer this question, this article summarises the two key elements of the Academy: the training and the certification as a “Burp Suite Certified Practitioner”.
Training: Learning Materials and Vulnerability Labs
The Academy includes the most important web security topics – from classic SQL injection to complex attack techniques such as web cache poisoning or HTTP request smuggling – and is constantly being expanded. As of today, there are 22 topics for each of which the Web Security Academy provides two complementary resources: the “Learning Materials” and the “Vulnerability Labs”.
The Learning Materials contain all the necessary background information to understand how the relevant vulnerability is caused, how to find it, how it can be exploited and how to protect a web application against it. The explanations are written in an understandable and comprehensible way and are supplemented by diagrams and concrete code examples. If you want to work your way through all the topics, you can follow a predefined learning path. However, the individual learning materials are mostly independent of each other, so you can also use them to learn more about individual vulnerabilities.
To apply the knowledge from the Learning Materials using realistic examples, there are the so-called Vulnerability Labs. The labs can be thought of as personal, isolated test applications where learners can legally search for vulnerabilities and exploit them. To prevent learners from getting in each other’s way during testing, the relevant web application is started up individually for each user. Therefore, the use of the labs requires registering a free user account. The labs come in three levels of difficulty: Apprentice, Practitioner and Expert. Those who can solve all labs at the Apprentice and Practitioner levels are ready for the Burp Suite Certified Practitioner certification.
Certification: Burp Suite Certified Practitioner
Although the certification attests to experienced use of Burp Suite, it requires and examines much more than mere product knowledge. Those who pass the Burp Suite Certified Practitioner are able to check web applications for a variety of vulnerabilities, bypass inadequate protection mechanisms and successfully exploit existing security holes – everything that distinguishes a proven web app penetration tester. For this reason, the Burp Suite Certified Practitioner certification, along with the established Offensive Security Certified Professional (OSCP) certification, has been part of our training plan for new penetration testing employees since this year.
If you would like to know more about our experience with PortSwigger’s Web Security Academy, please feel free to contact Oneconsult’s Penetration Testing team at any time.
About the Author
Mathias Blarer studied Computer Science at ETH Zurich and obtained his Master’s degree on the Information Security specialization track in November 2021. In his Master’s thesis, he designed a protocol for the negotiation of trustworthy communication paths between two hosts, based on the SCION Internet architecture. During his studies, he worked for a leading Swiss web application firewall (WAF) producer, where he was in charge of their own Bug Bounty program and also fixed the reported vulnerabilities. Mathias Blarer has been working as a Penetration Tester at Oneconsult since January 2022.