RSS Security

πŸ”’
❌ About FreshRSS
There are new articles available, click to refresh the page.
β˜‘ β˜† βœ‡ PortSwigger Blog

Introducing the Burp Suite Certified Practitioner accreditation

β€”
We launched the Web Security Academy in April 2019, as a means of providing free training and learning materials for security professionals. We now have 200 labs, and last year the Web Security Academ
β˜‘ β˜† βœ‡ PortSwigger Blog

Burp Suite roadmap update: July 2021

β€”
Apparently we're halfway through 2021 already (where does the time go?). Here's an update on what we've added to our products so far this year, as well as some exciting new features we're adding to ou
β˜‘ β˜† βœ‡ PortSwigger Blog

Black Hat USA 2021: PortSwigger's latest research to be unveiled

β€”
Two years ago, PortSwigger's director of research James Kettle presented "HTTP Desync Attacks" on-stage at BlackHat USA and kicked off a wave of request smuggling, but at that time HTTP/2 escaped seri
β˜‘ β˜† βœ‡ PortSwigger Blog

Introducing DOM Invader: DOM XSS just got a whole lot easier to find

β€”
Of the three main types of XSS, DOM-based XSS is by far the most difficult to find and exploit. But we come bearing good news! PortSwigger just released a new tool for Burp Suite Professional and Burp
β˜‘ β˜† βœ‡ PortSwigger Blog

20 Burp Suite tips from the Burp user community

β€”
The Burp Suite user community can easily be described as passionate, dedicated, and highly invested in the development of our product. That's why we love it when our users take it upon themselves to q
β˜‘ β˜† βœ‡ PortSwigger Blog

Some of the best Burp extensions - as chosen by you

β€”
As we mentioned in our recent blog post on good resources for new Burp Suite Professional users, the BApp Store is one of the largest repositories of community-created user content you're likely to fi
β˜‘ β˜† βœ‡ PortSwigger Blog

Great getting started resources for new users of Burp Suite Professional

β€”
If you're new to Burp Suite Professional, then congratulations. Not only have you just bought into the world's leading toolkit for web security testing - you've also joined a massive worldwide communi
β˜‘ β˜† βœ‡ PortSwigger Blog

Experience Burp Suite Enterprise Edition in a new live demo

β€”
Quick link: Burp Suite Enterprise Edition live demo. Deploying enterprise-grade software isn't always easy. We wanted a quick way for people to see the core features of Burp Suite Enterprise Edition w
β˜‘ β˜† βœ‡ PortSwigger Blog

Recorded logins in Burp Scanner

β€”
If you’re using Burp Suite to test your website, it’s probably got some way for users to log in - and chances are it’s more complicated than filling in a username and password and hitting submit. Burp
β˜‘ β˜† βœ‡ PortSwigger Blog

AppSec experts share Burp Suite automation secrets and best practices

β€”
Webinar recording: How to Perform Effective Web Application Security Assessments On 6 April, PortSwigger teamed up with HackerOne to bring you AppSec insights from industry expert Burp Suite users. Le
β˜‘ β˜† βœ‡ PortSwigger Blog

Simplified cloud deployment for Burp Suite Enterprise Edition

β€”
Last year, we made Burp Suite Enterprise Edition cloud-friendly. Organizations migrating to the cloud, or taking a cloud-first approach, are able to deploy Burp Suite Enterprise Edition to AWS or Azur
β˜‘ β˜† βœ‡ PortSwigger Blog

PortSwigger teams up with HackerOne for AppSec workshop - 6 April

β€”
Tuesday 6 April, 2021 | 10 AM PT / 1 PM ET / 6 PM GMT Update: this webinar can now be viewed on HackerOne's site, here. AppSec is a tricky business. While expertise remains scarce, threats are only ge
β˜‘ β˜† βœ‡ PortSwigger Blog

Improved CI/CD integrations in Burp Suite Enterprise Edition

β€”
Burp Suite Enterprise Edition was designed to support your DevSecOps needs. One of the ways it does this is via our pre-built and generic CI/CD driver. This allows users to integrate with tooling of t
β˜‘ β˜† βœ‡ PortSwigger Blog

Browser powered scanning in Burp Suite

β€”
Since the release of Browser powered scanning back inΒ Burp Suite Professional 2020.8.1 we have had a lot of customers asking us about our motivation for choosing to integrate with Chromium and fo
β˜‘ β˜† βœ‡ PortSwigger Blog

API Scanning with Burp Suite

β€”
Both Burp Suite Professional and Burp Suite Enterprise Edition contain Burp Scanner - allowing users to easily scan web applications for vulnerabilities. Other blog posts cover how Burp Scanner’s craw
β˜‘ β˜† βœ‡ PortSwigger Blog

Web application cartography: mapping out Burp Suite’s crawler

β€”
At the core of Burp Suite is Burp Scanner - a powerful tool designed to reduce the number of manual steps users have to take to discover vulnerabilities in their targets. Burp Scanner was first releas
β˜‘ β˜† βœ‡ PortSwigger Blog

7 Burp Suite Professional-exclusive features to help you test smarter

β€”
Welcome to the Pro user community So, you've downloaded Burp Suite Professional. What now? It's a big piece of software, and there's a lot of functionality you're probably not aware of - even if you'v
β˜‘ β˜† βœ‡ PortSwigger Blog

Burp Suite Professional: become an early adopter

β€”
Are you a creative and experimental user of Burp Suite Professional, who wants to see the newest features and improvements before most users? Now you can. With the release of v2021.2.1, you can become
β˜‘ β˜† βœ‡ PortSwigger Blog

What are AppSec leaders prioritizing in 2021? The survey results are in.

β€”
The events of 2020 created a catalyst for technology adoption at every level of business. From accelerating digital transformations, growing online web application estates, to increasing reliance on r
❌