#portswigger — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #portswigger, aggregated by home.social.
-
🎙️ Join Federico’s Discord talk later today!
As part of #BurpExtensibilityMonth initiatives, our Research Lead and #BurpAmbassador @apps3c is joining #PortSwigger on Discord for “Restoring testability: Handling complex scenarios in Burp Suite with a custom extension”.
Most web and mobile backends and APIs can be assessed effectively with #BurpSuite out of the box. But testers sometimes hit scenarios where standard workflows become impractical, such as encryption, request signing, custom data formats, WAF controls, token handling, and other protections.
In this talk, Federico will explore how custom Burp Suite extensions can integrate those mechanisms directly into your testing workflow, so you can keep using tools like Repeater, Intruder, Scanner, and more as if the underlying complexity was not there.
Expect a real-world inspired scenario, practical design guidance, and plenty of extension-building inspiration.
👉 Register your interest here!
https://discord.com/events/1159124119074381945/1499761261750128670
-
🗺️ Where to Practice Ethical Hacking — Safe Learning Platforms 🔐
Sharpen your skills legally on platforms like TryHackMe (beginners), Hack The Box (intermediate/advanced), PortSwigger Academy (web), and CTF sites — safe, structured labs and communities for hands-on learning. 🎯💻
#ethicalhacking #TryHackMe #HackTheBox #PortSwigger #CTF #Infosec #CyberSecurity #LearnToHack #PenTesting #WhiteHat
-
Latest lab write-up. Came out a bit long but very informative.
https://medium.com/@marduk.i.am/blind-sql-injection-with-conditional-responses-46ee90b5f2c0
#BugBounty #bugbountytips #SQL #SQLI #injection #informationsecurity #Portswigger
-
#portswigger has released some #ai thingy for #burpsuite. It doesn't do anything on its own, but the feature is on by default. If you go to the settings to disable it they ask you for feedback why you turn that crap off. Isn't that obvious? No matter the pinky promise you make to your customers, that you don't store the data or train on it, as soon as you hand it off to an #LLM company we have no idea what happens. AI and customer data don't mix. End. Of. Story. #infosec #security
-
🔍 Geeksta CyberLab | S1E3 🔍
Today, we’re diving into PortSwigger—exploring web security, breaking things (ethically), and learning how to patch them. If you're into cybersecurity, this one’s for you.
I’ll be live soon, feel free to drop by.
#Geeksta #CyberLab #Cybersecurity #PortSwigger #EthicalHacking #WebSecurity
-
Stealing #HttpOnly #cookies with the cookie sandwich technique #portswigger https://portswigger.net/research/stealing-httponly-cookies-with-the-cookie-sandwich-technique
-
Nice to see Maxence Schmitt's CSPT research (a nominee for #Portswigger's top 10 web hacking techniques for 2024) getting a shout out on the Critical Thinking Bug Bounty podcast!
Check out the review and comments here: https://youtu.be/3rkg1CUDpjA?si=yu4AtH6eLwu0F5n8&t=2687
-
This year, Doyensec is excited to have 4⃣ great nominations in Portswigger's Top 10 Web Hacking Techniques! 🥳
Check them all out and vote for your favorites (hopefully ours🤞) today!
https://portswigger.net/research/top-10-web-hacking-techniques-of-2024-nominations-open
-
Hello everyone.
In today's article we are talking about the most used successful plugins for burpsuite
https://denizhalil.com/2024/08/05/top-10-burp-suite-extensions/
#burpsutie #ethicalhacking #bugbounty #bughunter #portswigger
-
PortSwigger Scores Hefty $112 Million Investment https://www.securityweek.com/portswigger-scores-hefty-112-million-investment/ #ApplicationSecurity #penetrationtesting #BrightonPark #Funding/M&A #PortSwigger #BurpSuite
-
BSCP: unraveling the mysteries of the PortSwigger Academy certification
Hello, Habr! My name is Nikita, I am a pentester specializing in web testing. Many of you have surely thought about confirming your expertise with certifications. Today I want to talk about a popular certification from PortSwigger Academy, BSCP, which is dedicated to web application testing. Before I started studying the BSCP preparation materials, I already had a good understanding of the main web vulnerabilities from the OWASP TOP-10 list. I also knew how to exploit basic vulnerabilities such as SQL injection, XSS, Server-Side Template Injection and many others. But at one stage I asked myself: how do you actually prepare for it effectively? In this article I will share life hacks for preparing for the certification, show how the vulnerability scanner built into Burp Suite can help, and go through each stage of the exam itself in detail.
https://habr.com/ru/companies/jetinfosystems/articles/805297/
#пентест #pentest #ctf #BSCP #sqlinjection #xss #PortSwigger #OWASP_TOP10