PortSwigger Academy: SQL injection for hidden data
PortSwigger has a whole ‘academy’ where you can hone your Burpsuite skills. Or in my case - Learn how to actually use BurpSuite. I’ve used Burpsuite before in a few of the CTFs I’ve done, but I’ve not really dug into how to use it properly. Those few instances were just using it to capture a request to pass off the brute-forcing to hydra or blindly hoping that it would get me a flag. Burpsuite is a very useful tool, so it’s about time I train myself specifically on it. ...