Security is everybody's problem: The key to breaking the AppSec barrier. 2020-08-21 00:00:27 | 阅读: 159 | 收藏 | portswigger.net

When alert fails: exploiting transient events Published: 11 August 2020 at 13:01 UTC... 2020-08-11 22:01:53 | 阅读: 273 | 收藏 | portswigger.net sendbeacon onpagehide onunload yourid navigator

Web Cache Entanglement: Novel Pathways to Poisoning Published: 05 August 2020 at 18:30 UTC... 2020-08-06 03:30:00 | 阅读: 291 | 收藏 | portswigger.net 1host poisoning akamai comhttp caches

The state of DevSecOps: the latest stats and trends in 2020 It's been 8 years now since Neil MacDonald coined the term... 2020-08-01 00:49:37 | 阅读: 334 | 收藏 | portswigger.net security adoption hype respondents

Three priorities every AppSec leader should be focused on The challenges faced by AppSec managers in the current dig... 2020-07-27 22:50:32 | 阅读: 261 | 收藏 | portswigger.net security appsec toward agile

What steps can you take toward evolving your organization's security maturity? 2020-07-17 22:25:34 | 阅读: 163 | 收藏 | portswigger.net

Attacking and defending JavaScript sandboxes Published: 15 July 2020 at 13:12 UTC... 2020-07-15 22:12:35 | 阅读: 444 | 收藏 | portswigger.net proxy freeze generators 1337

Burp Suite roadmap update: July 2020 We’re half-way through 2020, and we’ve made a lot of progr... 2020-07-14 20:22:26 | 阅读: 272 | 收藏 | portswigger.net burp wip roadmap underway analysis

Escaping JavaScript sandboxes with parsing issues Published: 10 July 2020 at 13:16 UTC... 2020-07-10 22:16:39 | 阅读: 254 | 收藏 | portswigger.net 10ffdc escapes caja treated

A one million milestone for the Web Security Academy 13 years ago, I wrote The Web Application Hacker’s Handboo... 2020-05-26 22:55:25 | 阅读: 302 | 收藏 | portswigger.net academy security milestone portswigger marks

Documenting the impossible: Unexploitable XSS labs Published: 22 May 2020 at 13:08 UTC... 2020-05-22 22:08:28 | 阅读: 414 | 收藏 | portswigger.net injection solved cheat frameset beat

JavaScript without parentheses using DOMMatrix Published: 23 March 2020 at 14:03 UTC... 2020-03-23 23:03:34 | 阅读: 331 | 收藏 | portswigger.net dommatrix assignment valueof 1337 parenthesis

Top 10 web hacking techniques of 2019 Published: 17 February 2020 at 14:36 UTC... 2020-02-17 23:36:02 | 阅读: 315 | 收藏 | portswigger.net security novel deception xs

DOM Clobbering strikes back Published: 06 February 2020 at 14:36 UTC... 2020-02-06 23:36:55 | 阅读: 312 | 收藏 | portswigger.net clobbered prop clobbering props clobber

SVG animate XSS vector Published: 28 January 2020 at 14:54 UTC... 2020-01-28 23:54:16 | 阅读: 564 | 收藏 | portswigger.net animate semi animation cheat repeatcount

Burp Suite roadmap for 2020 We have big plans for Burp Suite during 2020, aimed at imp... 2020-01-15 19:40:21 | 阅读: 227 | 收藏 | portswigger.net burp roadmap highlights analysis software

Top 10 web hacking techniques of 2019 - nominations open Published: 31 December 2019 at 14:39 UTC... 2019-12-31 23:39:03 | 阅读: 273 | 收藏 | portswigger.net nominations hop bypass security

Breaking the chains on HTTP Request Smuggler Published: 09 December 2019 at 13:53 UTC... 2019-12-09 22:53:53 | 阅读: 207 | 收藏 | portswigger.net smuggler chunked negatives Émile timing

Cracking reCAPTCHA, Turbo Intruder style Published: 20 November 2019 at 14:59 UTC... 2019-11-20 23:59:54 | 阅读: 273 | 收藏 | portswigger.net recaptcha turbo intruder gate reddit

XS-Leak: Detecting IDs using Portal Published: 14 November 2019 at 15:58 UTC... 2019-11-15 00:58:17 | 阅读: 167 | 收藏 | portswigger.net phpmyadmin selector onblur chrome adjacent