Blind CSS Exfiltration: exfiltrate unknown web pages Published: 05 December 2023 at 15:37 UTC... 2023-12-5 23:37:20 | 阅读: 20 | 收藏 | PortSwigger Research - portswigger.net selector exfiltrator 1337 fallback selectors

Introducing Bambdas Emma Stocks |14 November 2023 at... 2023-11-14 16:27:0 | 阅读: 29 | 收藏 | PortSwigger Blog - portswigger.net burp bambdas bambda

The single-packet attack: making remote race-conditions 'local' Published: 18 October 2023 at 12:54 UTC... 2023-10-18 20:54:1 | 阅读: 20 | 收藏 | PortSwigger Research - portswigger.net network jitter fragments pipelining

How to build custom scanners for web security research automation Published: 03 October 2023 at 13:34 UTC... 2023-10-3 21:34:47 | 阅读: 22 | 收藏 | PortSwigger Research - portswigger.net concurrent behaviour triage positives 50x

DOM Invader and the case of direct eval vs indirect eval Gareth Heyes |25 September 2023 a... 2023-9-25 22:0:0 | 阅读: 24 | 收藏 | PortSwigger Blog - portswigger.net invader myvariable xeval scoped

New learning paths, from the Web Security Academy Emma Stocks |13 September 2023 at... 2023-9-13 18:36:16 | 阅读: 29 | 收藏 | PortSwigger Blog - portswigger.net security hear fancy exclusively

Supporting Sprocket Security's offensive security testing with BChecks, from Burp Suite Emma Stocks |06 September 2023 at... 2023-9-7 01:55:16 | 阅读: 31 | 收藏 | PortSwigger Blog - portswigger.net bchecks burp security sprocket workflows

New techniques and tools for web race conditions Emma Stocks |10 August 2023 at 06... 2023-8-10 14:56:15 | 阅读: 24 | 收藏 | PortSwigger Blog - portswigger.net portswigger burp jitter tooling network

Smashing the state machine: the true potential of web race conditions Published: 09 August 2023 at 18:00 UTC... 2023-8-10 02:0:0 | 阅读: 53 | 收藏 | PortSwigger Research - portswigger.net gitlab database devise

The top 10 community-created BChecks, so far ... Emma Stocks |24 July 2023 at 14:0... 2023-7-24 22:9:24 | 阅读: 44 | 收藏 | PortSwigger Blog - portswigger.net bcheck bchecks github bcheckview payload

Implementing Tic Tac Toe with 170mb of HTML - no JS or CSS Gareth Heyes |21 July 2023 at 14:... 2023-7-21 22:0:0 | 阅读: 32 | 收藏 | PortSwigger Blog - portswigger.net chrome choices loops popover

Burp Suite roadmap update: July 2023 Matt Atkinson |17 July 2023 at 14... 2023-7-17 22:26:13 | 阅读: 31 | 收藏 | PortSwigger Blog - portswigger.net burp bchecks wip websockets

Exploiting XSS in hidden inputs and meta tags Published: 11 July 2023 at 13:00 UTC... 2023-7-11 21:0:0 | 阅读: 40 | 收藏 | PortSwigger Research - portswigger.net popover newsletter injection

Find GraphQL API vulnerabilities, with Burp Suite Professional Gareth Heyes |04 July 2023 at 13:... 2023-7-4 21:0:0 | 阅读: 31 | 收藏 | PortSwigger Blog - portswigger.net burp tester suggestions

We want to check out your BChecks ... Emma Stocks |03 July 2023 at 14:5... 2023-7-3 22:54:53 | 阅读: 42 | 收藏 | PortSwigger Blog - portswigger.net bchecks burp bcheck competition monday

BChecks: Houston, we have a solution! Ollie Whitehouse |29 June 2023 at... 2023-6-29 20:46:10 | 阅读: 35 | 收藏 | PortSwigger Blog - portswigger.net bchecks 0537 burp bypass

Keep it simple, Scanner Tom Shelton-Lefley |20 June 2023... 2023-6-20 22:2:0 | 阅读: 30 | 收藏 | PortSwigger Blog - portswigger.net edges crawler merging burp development

How I choose a security research topic Published: 14 June 2023 at 13:09 UTC... 2023-6-14 21:9:35 | 阅读: 50 | 收藏 | PortSwigger Research - portswigger.net audience security hardest tooling

Bypassing CSP via DOM clobbering Published: 05 June 2023 at 14:00 UTC... 2023-6-5 22:0:0 | 阅读: 49 | 收藏 | PortSwigger Research - portswigger.net clobbering invader ehy bypass

Ambushed by AngularJS: a hidden CSP bypass in Piwik PRO Published: 28 April 2023 at 12:00 UTC... 2023-4-28 20:0:0 | 阅读: 29 | 收藏 | PortSwigger Research - portswigger.net angularjs debugger bypass piwik mar