PortSwigger1 天
What is DOM-based cross-site scripting?
DOM-based XSS vulnerabilities usually arise when JavaScript takes data from an attacker-controllable source, such as the URL, and passes it to a sink that supports dynamic code execution, such as eval ...
PortSwigger3 天
Getting started with Burp Sequencer
In this tutorial, you'll use Burp Sequencer to analyze the quality of randomness in an application's session tokens. Burp Sequencer may have unexpected results in some applications. Until you are ...
PortSwigger2 天
Professional / Community 2024.12
This release introduces the Burp Intruder capture filter, automatic decoding of SMTP messages in Burp Collaborator, improved accuracy of recorded logins and a number of other improvements.
PortSwigger5 天
Cacheable HTTPS response
Unless directed otherwise, browsers may store a local cached copy of content received from web servers. Some browsers, including Internet Explorer, cache content accessed via HTTPS. If sensitive ...