Burp suite (from the scratch) Video 1 Video Lecture | Learn all about Burp Suite (English) - IT & Software

alright guys now the very first thing
that we're gonna need in order to start
learning about website hacking is an
actual website that we can test on now
we can't just go online and find any old
website and start trying to hack it
because that is illegal and we don't
want to go to jail so we need to host
our own website now we can host it from
our own computer if we wanted to well
again what we're gonna be doing is we're
gonna be trying to hack it we're gonna
be trying to break in mess with the
system
so probably hosting a website from our
own computer wouldn't be a good option
because you know in case we delete any
files by accident we don't want to mess
with our hosts computer so what are some
other options well we can't just go
online to like um GoDaddy or Bluehost
and get some cheap shared hosting plan
but believe it or not they they probably
wouldn't like if you just bought a
website just to try to hack in their
system so you might get a little you
know a couple mean emails so here's what
I'm gonna do in this tutorial I'm gonna
show you guys how to set up a virtual
machine and if you guys never use a
virtual machine before what it is it's
pretty much a way that you can run an
entirely new operating system within
your own computer so for example say you
wanted to run Linux on this computer you
can run it in a virtual machine and then
you can use it to host the website and
then what you could do is you can pretty
much try to hack into that website
delete any files that you want and no
matter what you do to it it's not gonna
affect the whole system so the first
thing we need is a program from this
website vmware.com if you already have a
virtual machine on your computer and
that's fine you can just use that but
for those of you who don't I'm going to
show you guys how to get one and if you
click on downloads you can scroll down
all the way and click on this link right
here this is VMware Player pretty much a
program a really simple program that you
can host virtual machines on your own
computer so click download it's free by
the way which is awesome and this is one
of the more popular ones so that's why
I'm recommending this
so for this they have a option as you're
gonna see for windows and this is the
one I already have installed on my
computer or if you have Linux then
download this one right here but
basically I don't really need to talk
you through the installation process you
click download click the next next next
and you got to keep all the default
settings whenever you do and I'll show
you guys what happens it pretty much
gives you this little program right here
so I'm gonna double click this and you
can see I already have a couple virtual
machines set up this is Linux and this
is another flavor of the links called a
boon - this is actually the one of the
more popular ones but what we're gonna
be doing is we're gonna be banking an
entirely new operating system a new
virtual machine and we're gonna be using
it as a web server so once we have a web
server running we're gonna host the
little website that we can test on
alright that sounds like a lot of work
right have to set up a web server and
then we have to like make some websites
somehow that's gonna be you know pain in
the butt take a long time well check
this out you guys are gonna love me
after this what this company did called
i.t sec games is they made a website
just for testing web vulnerabilities so
it's pretty much a website that they
knew was buggy so don't ever don't ever
download this and stick it on like an
actual server that you don't have
complete control over like a shared
hosting plan because it has a ton of
vulnerabilities so what you want to do
is if you go to downloads page then you
can either download this link right here
and this website is called be web and
what it is is it's a website that's made
in PHP and MySQL and like I said it has
a whole bunch of vulnerabilities that
you can test you can actually take a
look at a few of the screenshots so it's
like a website built just for hacking
now if you already have another server
up and running then you can go ahead and
download this or what they did is they
actually made an entirely new virtual
machine which includes the server and
the website hosted on it
everything because it's configured
perfectly for you and if you download
this you can get it's called beatbox so
that's the difference bwak is just the
website just the web files and B box is
the virtual machine and the website
bundled together so we can pretty much
click this download it and whenever we
open it we have a brand-new web server
and a buggy website for testing all
packaged together it's freaking awesome
so I'm gonna click this file
it's the 7z file and actually that's
gonna start downloading I actually
already have it downloaded because it
takes a few minutes and I didn't you
know think you guys wanted to wait and
just see a little download bar progress
throughout the entire tutorial but once
you have it downloaded I'll show you
what it gives you it gives you this file
B box dot 7z now what the heck is this
7z thing this 7z thing if you aren't
familiar with them they're kind of like
a zip file but they have better
compression we pretty much need a way to
extract it now if you just try to
extract it by right-clicking and trying
to go to hmm extract oh don't really see
that option anywhere I said it's not
exactly a zip file so we actually need a
separate program for Ang's on zipping it
this is free - it's called 7-zip so if
you just go to this website download the
program this is gonna allow you to
extract 7z or 7-zip files so let me show
you what this is and oh here it is
you know I had a cool little shortcut to
it all right
so pretty simple pretty simple interface
you can pretty much click on a 7-zip
file hit extract and it does its work
where do you want to extract the - just
like you're using Windows extractor in
hell ok looks good the default path and
it does its thing so once it's done
doing this thing we can actually close
out of this I'm like navigating through
that we can go back in our downloads and
look at this we now have a beautifully
extract
a folder you can look at all of the
other files and if you go in the speed
box one then you're gonna see this file
right here beatbox VMware this is your
virtual machine and we can either just
double click this since we already have
VMware Player or we can open this and
then import it but I'm just gonna double
click it and it should load for me so I
copied it and check this out
so this is giving me a little warning
because I have a flash drive plugged in
and it's gonna start up our machine and
this is resembling a web server so we
have a web server that's hosted by
Ubuntu and once this starts our website
is going to be running and I'll show you
guys how to connect to it alright so it
booted up our website should now be
running now the thing is this website
that we just started it doesn't have a
domain name in order to have a domain
name for a website like WWE whatever
name you want and Comm you actually have
to set up with a DNS server or just buy
it that's what most people do and
everything set up automatically and
since we really don't need that what we
need to do in order to access our little
site is we need to type in the IP
address manually so what is the IP
address of this website how do we figure
it out well if you go to this and make
sure you got the right mouse alright if
you type if' config then you're gonna
see where yet we're yet alright in that
dress 192 168 0 7 now if we open up
Firefox and hit HTTP colon backslash
backslash 192.168 7b whap b is lowercase
w AP p is all uppercase and hit enter
check it out it's gonna connect and this
is our webserver
so if you ever close out of this and
shut that down this website isn't gonna
work anymore so pretty awesome and most
of the tutorial we can just minimize
this because it's done it's just gonna
run in the background right now we are
some kind of you know resembling
some kind of hacker shrank to login this
website we obviously don't have control
over the server yet hopefully well so
that is how you set up your website you
get your system up and running we now
have a website that we can hack into
legally we can mess with we can delete
files we can pretty much try any
vulnerability or any test that we want
and if ever messes up and all these
files get deleted that's fine
our whole system right here is never
affected at all it's completely safe
so for now thank you guys for watching
and I'll see you guys in the next lesson