Click the orange "Sign up" button.
Enter your email account and click the green Register button.
Check your email. Follow the instructions there to complete your registration.
When you first log in on the Portswigger page, you end at the "My account" page.
At the top right, click Academy.
Flag W 600.1: Word (10 pts)You see a page showing your accomplishment on the PortSwigger Web Security Academy.
The flag is the word covered by a green rectangle in the image below.
Download Burp Suite Community Edition. Install it.
If you have problems, consult this page for more tips:
At the Welcome page, accept the default selection of "Temporary project" and click Next.
On the next page, accept the default selection of "Use Burp defaults" and click "Start Burp".
Burp opens on the Dashboard tab. Click the Proxy tab.
Click the "Intercept is on" button, so it changes to "Intercept is off", as shown below.
Click the "Open Browser" button.
In the Browser, go to:
as shown below.
Flag W 600.2: HTTP history (10 pts)In Burp, on the Proxy tab, click the "HTTP history" sub-tab.
Click the GET request that loaded the flag.php page. The Response contains the flag, covered by a green rectangle in the image below.
You see a list of topics, as shown below.
You can do these in any order, but I recommend starting with these ones because they are easier: