Anyone go through Burp Suite's Web Security Academy?
Over the weekend I started going through the online training for the Burp Suite Practitioner Certification. I was curious if anyone here has gone the courseware or taken the exam and what your thoughts were about it. Web application pen testing is a weak area of mine, which is why I wanted to go through the course and learn more to strengthen my skills. For anyone here that does web application pen testing regularly, what are some common weak areas you see repeatedly showing up, CSRF, SSRF, business logic flaws, authentication issues, directory traversal, XSS?