πŸ”’
There are new articles available, click to refresh the page.
βœ‡ PortSwigger Blog

Get Burp Suite certified for free...Β 

β€”
We recently launched our Burp Suite Certified Practitioner accreditation to enable our users to validate their self-taught skills as web security practitioners. We've already created the software, so
βœ‡ PortSwigger Blog

Get Burp Suite certified for free ...Β 

β€”
We recently launched our Burp Suite Certified Practitioner accreditation to enable our users to validate their self-taught skills as web security practitioners. We've already created the software, so
βœ‡ PortSwigger Blog

Burp Suite Professional: feature roundup

β€”
The modern web is an increasingly complex beast. Each passing year brings with it new frameworks, technologies, and design trends - not to mention vulnerabilities. All of this adds to your testing wor
βœ‡ PortSwigger Blog

Burp extensions added to Burp Suite Enterprise Edition

β€”
Burp Extensions (and your own custom extensions) will now be supported by Burp Suite Enterprise Edition, brand new for the 2021.8 release. If you've had much experience with Burp Suite Professional, i
βœ‡ PortSwigger Blog

It's now easier than ever to scan at scale with Burp Suite Enterprise Edition

β€”
774 organizations in 68 countries are now using Burp Suite Enterprise Edition to improve and scale security across their web portfolios. As we pass the three-year anniversary of development on Burp Su
βœ‡ Orange

A New Attack Surface on MS Exchange Part 3 - ProxyShell!

By: [email protected] (Orange Tsai) β€”
Author: Orange Tsai(@orange_8361) from DEVCORE P.S. This is a cross-post blog from Zero Day Initiative (ZDI) This is a guest post DEVCORE collaborated with Zero Day Initiative (ZDI) and published at their blog, which describes the exploit chain we demonstrated at Pwn2Own 2021!Β Β Please visit the following link to read that :)FROM PWN2OWN 2021: A NEW
βœ‡ PortSwigger Blog

The history of OAST in Burp Suite

β€”
At PortSwigger, we pride ourselves on pushing the boundaries of web security. Just take a peek at some of our researchers' recent and upcoming talks from the likes of Black Hat and DEF CON if you'd li
βœ‡ Detectify Labs

How to Hack APIs in 2021

By: labsdetectify β€”

The post How to Hack APIs in 2021 appeared first on Detectify Labs.

βœ‡ Orange

A New Attack Surface on MS Exchange Part 1 - ProxyLogon!

By: [email protected] (Orange Tsai) β€”
Author: Orange Tsai(@orange_8361) P.S. This is a cross-post blog from DEVCORE The series of A New Attack Surface on MS Exchange:A New Attack Surface on MS Exchange Part 1 - ProxyLogon!A New Attack Surface on MS Exchange Part 2 - ProxyOracle!A New Attack Surface on MS Exchange Part 3 - ProxyShell!A New Attack Surface on MS Exchange Part 4 (coming soon...)
βœ‡ Orange

A New Attack Surface on MS Exchange Part 2 - ProxyOracle!

By: no[email protected] (Orange Tsai) β€”
Author: Orange Tsai(@orange_8361) P.S. This is a cross-post blog from DEVCORE Hi, this is the part 2 of the New MS Exchange Attack Surface. Because this article refers to several architecture introductions and attack surface concepts in the previous article, you could find the first piece here: A New Attack Surface on MS Exchange Part 1 -
βœ‡ PortSwigger Blog

Introducing the Burp Suite Certified Practitioner accreditation

β€”
We launched the Web Security Academy in April 2019, as a means of providing free training and learning materials for security professionals. We now have 200 labs, and last year the Web Security Academ
βœ‡ PortSwigger Blog

Burp Suite roadmap update: July 2021

β€”
Apparently we're halfway through 2021 already (where does the time go?). Here's an update on what we've added to our products so far this year, as well as some exciting new features we're adding to ou
βœ‡ PortSwigger Blog

Black Hat USA 2021: PortSwigger's latest research to be unveiled

β€”
Two years ago, PortSwigger's director of research James Kettle presented "HTTP Desync Attacks" on-stage at BlackHat USA and kicked off a wave of request smuggling, but at that time HTTP/2 escaped seri
❌