Community Manager at Infosec!
Who we are | What we do
Free (for the next day or so) Burp Suite course
tedjames
Member Posts: 1,182 ■■■■■■■■□□
in Pentesting
Found this on Twitter: https://twitter.com/PeritusTraining
Go to their site to register: https://training.peritusinfosec.com/
Use the code DIWALIGIFT to get the course for free. Their Twitter post says it's free for the next 72 hours. They posted on October 16, so the code may expire today.
Comments
-
JDMurray Admin Posts: 13,101 AdminYep, I just enrolled too. Great find! I can't wait to review the course.
-
chrisone Member Posts: 2,278 ■■■■■■■■■□worked for me as of 10/21/19Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
yoba222 Member Posts: 1,237 ■■■■■■■■□□Wow nice! I need to learn Burp Suite on a much deeper level than I do now. I think this might cover some of the Pro modules too, but I could be wrong.A+, Network+, CCNA, LFCS,
Security+, eJPT, CySA+, PenTest+,
Cisco CyberOps, GCIH, VHL,
In progress: OSCP -
Infosec_Sam Admin Posts: 527 AdminLooks like they just updated the sale to be valid for the next 24h. Thanks for the callout - it doesn't get any better than free, especially for such a powerful tool! Once we get a little further in the course, we'll have to open a discussion about how it's going!
-
tedjames Member Posts: 1,182 ■■■■■■■■□□Portswigger, the guys who invented Burp Suite, offer free training on their site: https://portswigger.net/web-security
I think there may also be a free course or two on Udemy, maybe Cybrary, too. Also, there's tons of instruction on YouTube. -
thaiguy314 Member Posts: 59 ■■■□□□□□□□yep, still works as of this morning. thanks for the find!Certs: CISSP, CEH, CCNA Cyber Ops, Security+
-
FluffyBunny Member Posts: 245 ■■■■■■□□□□Of course, one question we're not asking ourselves is this: are we being phished?
Because honestly, this'd make a nice watering hole attack on unsuspecting security newbies. -
JDMurray Admin Posts: 13,101 AdminWell, we could use this as an opportunity to do some OSINT detective work on your hypothesis: "Is Peritus Training a front for a phishing/wateringhole campaign?"
I'll start:- The Twitter account for Peritus Training was recently created on August 2019 and presently has only 23 tweets posted.
- The domain peritusinfosec.com is nearly two years old.
-
tedjames Member Posts: 1,182 ■■■■■■■■□□FluffyBunny said:Of course, one question we're not asking ourselves is this: are we being phished?
Because honestly, this'd make a nice watering hole attack on unsuspecting security newbies.That's why I use a separate, disposable, if necessary, email account for things like this. I also use it when registering for conferences. I never use my real account and definitely not my work account. I just enter the minimum including fake birthdays (if they are required) and fake phone numbers. Just get in, get what you need (the training), and get out.Could be that Peritus is trying to create a buzz with free training before upping prices.It's good that people are paying attention, though. Trust but verify. -
Danielm7 Member Posts: 2,310 ■■■■■■■■□□Still works, used fake name and disposable email and didn't agree to their promo emails.
-
FluffyBunny Member Posts: 245 ■■■■■■□□□□tedjames said:FluffyBunny said:Of course, one question we're not asking ourselves is this: are we being phished?
Because honestly, this'd make a nice watering hole attack on unsuspecting security newbies.That's why I use a separate, disposable, if necessary, email account for things like this. I also use it when registering for conferences.
Hence why I really loved a previous customer of mine, for only allowing Internet access through a seperate browser running through Citrix on a short-lifetime VM. -
tedjames Member Posts: 1,182 ■■■■■■■■□□FluffyBunny said:tedjames said:FluffyBunny said:Of course, one question we're not asking ourselves is this: are we being phished?
Because honestly, this'd make a nice watering hole attack on unsuspecting security newbies.That's why I use a separate, disposable, if necessary, email account for things like this. I also use it when registering for conferences.
Hence why I really loved a previous customer of mine, for only allowing Internet access through a seperate browser running through Citrix on a short-lifetime VM. -
FluffyBunny Member Posts: 245 ■■■■■■□□□□tedjames said:All good points! I like your level of paranoia. A friend pays his bills and does banking online using separate VMs for each account.
-
tedjames Member Posts: 1,182 ■■■■■■■■□□FluffyBunny said:tedjames said:All good points! I like your level of paranoia. A friend pays his bills and does banking online using separate VMs for each account.
Most people outside of security have told me, during discussions on rights to privacy, "What do I care? I have nothing to hide." I always tell them that, while that may be so, an attacker may be able to pivot off of them onto someone who really does have something to hide, like one of their friends or family members. -
Danielm7 Member Posts: 2,310 ■■■■■■■■□□They'd probably tell you that before their salary or their debt amount.
-
tedjames Member Posts: 1,182 ■■■■■■■■□□Danielm7 said:They'd probably tell you that before their salary or their debt amount.