πŸ”’
There are new articles available, click to refresh the page.
Before yesterdayWeb App

Get Burp Suite certified for free...Β 

21 October 2021 at 13:44
We recently launched our Burp Suite Certified Practitioner accreditation to enable our users to validate their self-taught skills as web security practitioners. We've already created the software, so

Get Burp Suite certified for free ...Β 

21 October 2021 at 13:44
We recently launched our Burp Suite Certified Practitioner accreditation to enable our users to validate their self-taught skills as web security practitioners. We've already created the software, so

Burp Suite Professional: feature roundup

30 September 2021 at 13:39
The modern web is an increasingly complex beast. Each passing year brings with it new frameworks, technologies, and design trends - not to mention vulnerabilities. All of this adds to your testing wor

Burp extensions added to Burp Suite Enterprise Edition

26 August 2021 at 13:56
Burp Extensions (and your own custom extensions) will now be supported by Burp Suite Enterprise Edition, brand new for the 2021.8 release. If you've had much experience with Burp Suite Professional, i

It's now easier than ever to scan at scale with Burp Suite Enterprise Edition

25 August 2021 at 14:00
774 organizations in 68 countries are now using Burp Suite Enterprise Edition to improve and scale security across their web portfolios. As we pass the three-year anniversary of development on Burp Su

A New Attack Surface on MS Exchange Part 3 - ProxyShell!

18 August 2021 at 15:08
Author: Orange Tsai(@orange_8361) from DEVCORE P.S. This is a cross-post blog from Zero Day Initiative (ZDI) This is a guest post DEVCORE collaborated with Zero Day Initiative (ZDI) and published at their blog, which describes the exploit chain we demonstrated at Pwn2Own 2021!Β Β Please visit the following link to read that :)FROM PWN2OWN 2021: A NEW

The history of OAST in Burp Suite

17 August 2021 at 12:00
At PortSwigger, we pride ourselves on pushing the boundaries of web security. Just take a peek at some of our researchers' recent and upcoming talks from the likes of Black Hat and DEF CON if you'd li

A New Attack Surface on MS Exchange Part 1 - ProxyLogon!

6 August 2021 at 15:57
Author: Orange Tsai(@orange_8361) P.S. This is a cross-post blog from DEVCORE The series of A New Attack Surface on MS Exchange:A New Attack Surface on MS Exchange Part 1 - ProxyLogon!A New Attack Surface on MS Exchange Part 2 - ProxyOracle!A New Attack Surface on MS Exchange Part 3 - ProxyShell!A New Attack Surface on MS Exchange Part 4 (coming soon...)

A New Attack Surface on MS Exchange Part 2 - ProxyOracle!

6 August 2021 at 15:57
Author: Orange Tsai(@orange_8361) P.S. This is a cross-post blog from DEVCORE Hi, this is the part 2 of the New MS Exchange Attack Surface. Because this article refers to several architecture introductions and attack surface concepts in the previous article, you could find the first piece here: A New Attack Surface on MS Exchange Part 1 -

Introducing the Burp Suite Certified Practitioner accreditation

27 July 2021 at 16:02
We launched the Web Security Academy in April 2019, as a means of providing free training and learning materials for security professionals. We now have 200 labs, and last year the Web Security Academ

Burp Suite roadmap update: July 2021

9 July 2021 at 10:50
Apparently we're halfway through 2021 already (where does the time go?). Here's an update on what we've added to our products so far this year, as well as some exciting new features we're adding to ou

Black Hat USA 2021: PortSwigger's latest research to be unveiled

6 July 2021 at 12:11
Two years ago, PortSwigger's director of research James Kettle presented "HTTP Desync Attacks" on-stage at BlackHat USA and kicked off a wave of request smuggling, but at that time HTTP/2 escaped seri
❌