Make Burp Suite your own: high-powered extensibility to customize and enhance your testing. ️ 这篇文章介绍了 Burp Suite 的可扩展性功能，包括 Bambdas、BChecks 和 Extensions 三种方式。通过这些工具，用户可以定制和增强 Burp Suite 的功能以满足特定需求。Bambdas 是代码片段用于过滤和增强工作流程；BChecks 是自定义扫描检查；Extensions 则是用户创建的工具以扩展 Burp 的功能。这些功能帮助用户实现个性化测试和高效协作。... 2025-1-10 15:53:34 | 阅读: 7 | 收藏 | PortSwigger Blog - portswigger.net burp bambda bambdas library

Top ten web hacking techniques of 2024: nominations open Published: 08 January 2025 at 14:07 UTC... 2025-1-8 14:7:35 | 阅读: 15 | 收藏 | 0day Fans - portswigger.net bypass injection remote novel

Top 10 web hacking techniques of 2024: nominations open Published: 08 January 2025 at 14:07 UTC... 2025-1-8 14:7:27 | 阅读: 19 | 收藏 | PortSwigger Research - portswigger.net nominations bypass novel remote security

Bypassing WAFs with the phantom $Version cookie Published: 04 December 2024 at 15:03 UTC... 2024-12-4 23:3:35 | 阅读: 13 | 收藏 | PortSwigger Research - portswigger.net quoted value2 param2 value1 param1

Take control of your security posture: The Burp Suite Enterprise Edition winter update Rob Samuels |30 October 2024 at 0... 2024-10-30 17:12:2 | 阅读: 13 | 收藏 | PortSwigger Blog - portswigger.net burp security estate simplify

New crazy payloads in the URL Validation Bypass Cheat Sheet Published: 29 October 2024 at 13:59 UTC... 2024-10-29 21:59:13 | 阅读: 8 | 收藏 | PortSwigger Research - portswigger.net cheat bypass attacker decimal userinfo

Concealing payloads in URL credentials Published: 23 October 2024 at 12:59 UTC... 2024-10-23 20:59:5 | 阅读: 12 | 收藏 | PortSwigger Research - portswigger.net username anchor payload clobbering getbase

API Security: The 6 biggest challenges AppSec teams face, and how to solve them. Rob Samuels |24 September 2024 at... 2024-9-24 18:1:7 | 阅读: 14 | 收藏 | PortSwigger Blog - portswigger.net burp appsec security concern dast

Introducing Burp Suite’s game-changing performance update ⚡️ 这篇文章介绍了Burp Suite的最新性能优化和功能改进。通过减少表格排序时间、降低UI延迟和内存使用，提升了工具的效率和响应速度。新增Proxy Intercept View功能和改进Intruder UI设计，进一步优化了用户体验。未来将继续以性能为核心进行更新。... 2024-9-12 11:55:26 | 阅读: 6 | 收藏 | PortSwigger Blog - portswigger.net burp reduced memory intruder proxy

Burp Suite Performance Improvements Daniel Allen |11 September 2024 a... 2024-9-11 14:53:2 | 阅读: 16 | 收藏 | PortSwigger Blog - portswigger.net sorting burp repeater memory tabs

Performance Improvements to table sorting and Repeater Daniel Allen |11 September 2024 a... 2024-9-11 14:53:2 | 阅读: 9 | 收藏 | PortSwigger Blog - portswigger.net sorting burp memory repeater tabs

Introducing the URL validation bypass cheat sheet Published: 03 September 2024 at 14:52 UTC... 2024-9-3 22:52:12 | 阅读: 9 | 收藏 | PortSwigger Research - portswigger.net cheat bypass attacker hexadecimal converted

Try it for yourself: the latest PortSwigger Research from Black Hat USA Amelia Coen |23 August 2024 at 07... 2024-8-23 15:44:21 | 阅读: 24 | 收藏 | PortSwigger Blog - portswigger.net burp portswigger timing security

Gotta cache 'em all: bending the rules of web cache exploitation Published: 08 August 2024 at 22:27 UTC... 2024-8-9 06:27:46 | 阅读: 15 | 收藏 | PortSwigger Research - portswigger.net delimiter delimiters poisoning myaccount

Splitting the email atom: exploiting parsers to bypass access controls Published: 07 August 2024 at 21:32 UTC... 2024-8-8 05:32:47 | 阅读: 33 | 收藏 | PortSwigger Research - portswigger.net punycode github xn joomla decoded

Listen to the whispers: web timing attacks that actually work Published: 07 August 2024 at 18:10 UTC... 2024-8-8 02:10:21 | 阅读: 17 | 收藏 | PortSwigger Research - portswigger.net timing noise reverse injection ssrf

Unlock enhanced API scanning with Burp Suite Rob Samuels |31 July 2024 at 12:1... 2024-7-31 20:17:39 | 阅读: 7 | 收藏 | PortSwigger Blog - portswigger.net burp oas wider

Fickle PDFs: exploiting browser rendering discrepancies Published: 09 July 2024 at 12:51 UTC... 2024-7-9 20:51:22 | 阅读: 29 | 收藏 | PortSwigger Research - portswigger.net rendering widget invoice 399 appearance

A hacking hat-trick: previewing three PortSwigger Research publications coming to DEF CON & Black Hat USA Published: 02 July 2024 at 12:57 UTC... 2024-7-2 20:57:8 | 阅读: 12 | 收藏 | PortSwigger Research - portswigger.net bypass deception timing suggested poisoning

Investing to deliver more Dafydd Stuttard |27 June 2024 at... 2024-6-27 19:36:58 | 阅读: 9 | 收藏 | PortSwigger Blog - portswigger.net portswigger investment bpc security