Intercepting Your First Request
Learn how Burp sits between your browser and a web application so you can inspect HTTP requests and responses.
ProxyHTTPBurp Browser
Burp Suite Learning Hub › Tutorial Library
Tutorial Library
All Burp Suite video tutorials from Aspect. Each covers one concept using safe, authorized practice targets and is designed to be completed in under 20 minutes.
Using Repeater
Learn how to resend, modify, and compare HTTP requests while testing safely on authorized targets.
RepeaterRequestsManual Testing
Understanding Cookies and Sessions
Learn what session cookies are, why they matter for web security, and how Burp helps inspect them.
CookiesSessionsAuthentication
IDOR Basics
Learn how insecure direct object reference issues happen using safe, authorized examples in training labs.
Access ControlAuthorizationIDOR
Reflected Input and XSS Basics
Learn how reflected input works and why output encoding matters. Demonstrated in intentionally vulnerable labs only.
XSSInput ValidationOutput Encoding
Writing a Clean Web Finding
Learn how to document evidence, impact, reproduction steps, and remediation in a format that communicates real risk.
ReportingEvidenceRemediation
No tutorials match that filter yet. Subscribe on YouTube to be notified when new ones are published.
Need a safe place to practice?
All tutorials use authorized training environments. Browse the practice resources page for free, legal practice labs.