Abstract Upstream HTTP/1.1 is inherently insecure and regularly exposes millions of websites to hostile takeover. Six years of attempted mitigations have hidden the issue, but failed to fix it. This p| PortSwigger Research
In this post, I will introduce the "cookie sandwich" technique which lets you bypass the HttpOnly flag on certain servers. This research follows on from Bypassing WAFs with the phantom $Version cookie| PortSwigger Research
Mystery lab challenge Try solving a random lab with the title and description hidden. As you'll have no prior knowledge of the type of vulnerability that ...| portswigger.net
This is mildly abridged (and less vendor-neutral) writeup of the core technical content from my Hunting Asynchronous Vulnerabilities presentation from 44Con and BSides Manchester. In it, I introduce t| PortSwigger Research
The Web Security Academy is a free online training center for web application security, brought to you by PortSwigger. Create an account to get started.| portswigger.net
In this section, we'll describe various ways in which HTTP request smuggling vulnerabilities can be exploited, depending on the intended functionality and ...| portswigger.net
PortSwigger offers tools for web application security, testing, & scanning. Choose from a range of security tools, & identify the very latest vulnerabilities.| portswigger.net
Using Burp's Invisible Proxy Settings to Test a Non-Proxy-Aware Thick Client Application In some cases a thick client application will respect the proxy ...| portswigger.net
In this section, we explain what OS command injection is, and describe how vulnerabilities can be detected and exploited. We also show you some useful ...| portswigger.net
This lab stores user chat logs directly on the server's file system, and retrieves them using static URLs. Solve the lab by finding the password for the ...| portswigger.net
PortSwigger offers tools for web application security, testing & scanning. Choose from a wide range of security tools & identify the very latest vulnerabilities.| portswigger.net
This lab has a stock check feature which fetches data from an internal system. To solve the lab, change the stock check URL to access the admin interface at ...| portswigger.net
In this section, we'll cover what insecure deserialization is and describe how it can potentially expose websites to high-severity attacks. We'll highlight ...| portswigger.net
Burp Scanner is the industry's gold standard dynamic web vulnerability scanner. Start vulnerability scanning today with a free trial of Burp Suite.| portswigger.net
For too long, web race condition attacks have focused on a tiny handful of scenarios. Their true potential has been masked thanks to tricky workflows, missing tooling, and simple network jitter hiding| PortSwigger Research
Open redirection vulnerabilities arise when an application incorporates user-controllable data into the target of a redirection in an unsafe way. An attacker can construct a URL within the application that causes a redirection to an arbitrary external domain. This behavior can be leveraged to facilitate phishing attacks against users of the application. The ability to use an authentic application URL, targeting the correct domain and with a valid SSL certificate (if SSL is used), lends credib...| portswigger.net
Copies selected request(s) as Python-Requests invocations.| portswigger.net
Caches are woven into websites throughout the net, discreetly juggling data between users, and yet they are rarely scrutinized in any depth. In this paper, I'll show you how to remotely probe through| PortSwigger Research
HTTP Desync Attacks: Request Smuggling Reborn| PortSwigger Research
Burp Suite Professional is the world's most popular tool for web security testing. Get a free trial now and identify the very latest vulnerabilities.| portswigger.net
You can apply Java-based Bambdas to create powerful custom filters for your HTTP history. You can do this in two ways: Load existing Bambdas - Load Bambdas ...| portswigger.net
In this section we explain what server-side request forgery (SSRF) is, and describe some common examples. We also show you how to find and exploit SSRF ...| portswigger.net
Interactive cross-site scripting (XSS) cheat sheet for 2024, brought to you by PortSwigger. Actively maintained, and regularly updated with new vectors.| portswigger.net
Get Burp Suite. The class-leading vulnerability scanning, penetration testing, and web app security platform. Try for free today.| portswigger.net
Burp Suite Community Edition is PortSwigger's essential manual toolkit for learning about web security testing. Free download.| portswigger.net
In this section, we will explain what insecure direct object references (IDOR) are and describe some common vulnerabilities. What are insecure direct object ...| portswigger.net
In this paper I'll show you how to compromise websites by using esoteric web features to turn their caches into exploit delivery systems| PortSwigger Research