00 — Overview
Parameter Tampering
Intercept and modify what your browser sends before it reaches the server. Change prices, quantities, and hidden fields to expose how much trust applications blindly place in the client.
Beginner · 45 min · 7 tasks
// By the end of this module
→ Identify hidden and trusted parameters in requests
→ Modify prices, quantities, roles, and IDs to change application behaviour
→ Find parameters that are reflected in state-changing responses
→ Use Burp Intruder to fuzz parameter values at scale
