PortSwigger Blog – Page 7 – WindowsTechs.com

One month of Burp Suite in the Cloud – how are AppSec teams using it?

Posted on May 7, 2024 by PortSwigger Blog

It’s now been a month since we launched the new Cloud-based Burp Suite Enterprise Edition, and we’re taking a look at the benefits our users have seen so far. Burp Suite Enterprise Edition in th Continue reading One month of Burp Suite in the Cloud – how are AppSec teams using it?→

Introducing DAST scanning in the Cloud, with Burp Suite Enterprise Edition

Posted on April 18, 2024 by PortSwigger Blog

We’re excited to announce that Burp Suite Enterprise Edition is now available in PortSwigger’s secure cloud. You can now free up testing time with scalable, automated DAST scanning, without the burden Continue reading Introducing DAST scanning in the Cloud, with Burp Suite Enterprise Edition→

What’s new with BChecks?

Posted on February 8, 2024 by PortSwigger Blog

Earlier this year, we released BChecks, a powerful yet simple scripting language that allows you to quickly build and create custom scan checks for anything you want to secure or test. We’ve already h Continue reading What’s new with BChecks?→

Introducing custom scan checks to Burp Suite Enterprise Edition

Posted on February 2, 2024 by PortSwigger Blog

BChecks, in a nutshell, are easy to use custom-created scan checks that enable you to extend the capabilities of Burp Scanner in a quick and simple way. We recently released BChecks to Burp Suite Prof Continue reading Introducing custom scan checks to Burp Suite Enterprise Edition→

The future of Bambdas

Posted on December 14, 2023 by PortSwigger Blog

Bambdas, a unique new way to customize Burp Suite on the fly with small snippets of code, were first introduced in the form of a custom filter for the Proxy HTTP history. This is just the first of man Continue reading The future of Bambdas→

Introducing Bambdas

Posted on November 14, 2023 by PortSwigger Blog

You’ve might have heard of Lambdas. But have you heard of Bambdas? They’re a unique new way to customize Burp Suite directly from the UI, using only small snippets of Java. Changing the face of Burp S Continue reading Introducing Bambdas→

DOM Invader and the case of direct eval vs indirect eval

Posted on September 25, 2023 by PortSwigger Blog

What is DOM Invader? DOM Invader is a browser extension that makes it easy to find DOM based XSS by instrumenting various JavaScript functions. You can find out more about DOM Invader here: Introducin Continue reading DOM Invader and the case of direct eval vs indirect eval→

New learning paths, from the Web Security Academy

Posted on September 13, 2023 by PortSwigger Blog

When you’re starting out in the world of web security, it can be overwhelming trying to work out where to begin. There are dozens of vulnerability classes, and numerous exploit techniques to learn abo Continue reading New learning paths, from the Web Security Academy→

Supporting Sprocket Security’s offensive security testing with BChecks, from Burp Suite

Posted on September 6, 2023 by PortSwigger Blog

The US-based organization Sprocket Security provides continuous penetration testing services to customers by monitoring clients’ attack surfaces and searching for new and novel exploitation techniques Continue reading Supporting Sprocket Security’s offensive security testing with BChecks, from Burp Suite→

New techniques and tools for web race conditions

Posted on August 10, 2023 by PortSwigger Blog

For too long, web race-condition attacks have focused on a tiny handful of scenarios. Testing for them is inherently unreliable, compounded by known challenges relating to time constraints and network Continue reading New techniques and tools for web race conditions→