Take control of your security posture: The Burp Suite Enterprise Edition winter update Rob Samuels |30 October 2024 at 0... 2024-10-30 17:12:2 | 阅读: 3 | 收藏 | PortSwigger Blog - portswigger.net burp security estate simplify

New crazy payloads in the URL Validation Bypass Cheat Sheet Published: 29 October 2024 at 13:59 UTC... 2024-10-29 21:59:13 | 阅读: 3 | 收藏 | PortSwigger Research - portswigger.net cheat bypass attacker decimal userinfo

Concealing payloads in URL credentials Published: 23 October 2024 at 12:59 UTC... 2024-10-23 20:59:5 | 阅读: 6 | 收藏 | PortSwigger Research - portswigger.net username anchor payload clobbering getbase

API Security: The 6 biggest challenges AppSec teams face, and how to solve them. Rob Samuels |24 September 2024 at... 2024-9-24 18:1:7 | 阅读: 8 | 收藏 | PortSwigger Blog - portswigger.net burp appsec security concern dast

Burp Suite Performance Improvements Daniel Allen |11 September 2024 a... 2024-9-11 14:53:2 | 阅读: 10 | 收藏 | PortSwigger Blog - portswigger.net sorting burp repeater memory tabs

Performance Improvements to table sorting and Repeater Daniel Allen |11 September 2024 a... 2024-9-11 14:53:2 | 阅读: 3 | 收藏 | PortSwigger Blog - portswigger.net sorting burp memory repeater tabs

Introducing the URL validation bypass cheat sheet Published: 03 September 2024 at 14:52 UTC... 2024-9-3 22:52:12 | 阅读: 6 | 收藏 | PortSwigger Research - portswigger.net cheat bypass attacker hexadecimal converted

Try it for yourself: the latest PortSwigger Research from Black Hat USA Amelia Coen |23 August 2024 at 07... 2024-8-23 15:44:21 | 阅读: 21 | 收藏 | PortSwigger Blog - portswigger.net burp portswigger timing security

Gotta cache 'em all: bending the rules of web cache exploitation Published: 08 August 2024 at 22:27 UTC... 2024-8-9 06:27:46 | 阅读: 11 | 收藏 | PortSwigger Research - portswigger.net delimiter delimiters poisoning myaccount

Splitting the email atom: exploiting parsers to bypass access controls Published: 07 August 2024 at 21:32 UTC... 2024-8-8 05:32:47 | 阅读: 27 | 收藏 | PortSwigger Research - portswigger.net punycode github xn joomla decoded

Listen to the whispers: web timing attacks that actually work Published: 07 August 2024 at 18:10 UTC... 2024-8-8 02:10:21 | 阅读: 14 | 收藏 | PortSwigger Research - portswigger.net timing noise reverse injection ssrf

Unlock enhanced API scanning with Burp Suite Rob Samuels |31 July 2024 at 12:1... 2024-7-31 20:17:39 | 阅读: 4 | 收藏 | PortSwigger Blog - portswigger.net burp oas wider

Fickle PDFs: exploiting browser rendering discrepancies Published: 09 July 2024 at 12:51 UTC... 2024-7-9 20:51:22 | 阅读: 26 | 收藏 | PortSwigger Research - portswigger.net rendering widget invoice 399 appearance

A hacking hat-trick: previewing three PortSwigger Research publications coming to DEF CON & Black Hat USA Published: 02 July 2024 at 12:57 UTC... 2024-7-2 20:57:8 | 阅读: 9 | 收藏 | PortSwigger Research - portswigger.net bypass deception timing suggested poisoning

Investing to deliver more Dafydd Stuttard |27 June 2024 at... 2024-6-27 19:36:58 | 阅读: 4 | 收藏 | PortSwigger Blog - portswigger.net portswigger investment bpc security

onwebkitplaybacktargetavailabilitychanged?! New exotic events in the XSS cheat sheet Published: 11 June 2024 at 14:58 UTC... 2024-6-11 22:58:29 | 阅读: 11 | 收藏 | PortSwigger Research - portswigger.net autofocus submission

Refining your HTTP perspective, with bambdas Published: 29 May 2024 at 13:31 UTC... 2024-5-29 21:31:49 | 阅读: 8 | 收藏 | PortSwigger Research - portswigger.net matcher arraylist ipaddress

Introducing SignSaboteur: forge signed web tokens with ease Published: 22 May 2024 at 12:37 UTC... 2024-5-22 20:37:0 | 阅读: 10 | 收藏 | PortSwigger Research - portswigger.net claims derivation flask hashing

Burp Suite Enterprise Edition spring update 2024 Amelia Coen |16 May 2024 at 13:31... 2024-5-16 21:31:46 | 阅读: 10 | 收藏 | PortSwigger Blog - portswigger.net burp cloud websockets

One month of Burp Suite in the Cloud - how are AppSec teams using it? Mike Eaton |07 May 2024 at 14:25... 2024-5-7 22:25:53 | 阅读: 11 | 收藏 | PortSwigger Blog - portswigger.net cloud burp appsec dast security