We’re excited to announce that Burp Suite Enterprise Edition is now available in PortSwigger’s secure cloud. You can now free up testing time with scalable, automated DAST scanning, without the burden ...

Contains information about the check itself. The metadata object is mandatory for all BChecks and must be placed at the very start of the definition.

The application fails to prevent users from connecting to it over unencrypted connections. An attacker able to modify a legitimate user's network traffic could bypass the application's use of SSL/TLS ...

You can customize most of the tables in Burp. This enables you to focus on the information that you're interested in. Burp remembers your preferences, so you don't ...

The best way to start testing an application is to map its contents. This enables you to understand what the application does and how it behaves. You can then ...

While you map the application, you can use a range of Burp tools to help you analyze your findings. This enables you to identify key attack surface. You can use this information to plan your approach ...

Blind SQL injection occurs when an application is vulnerable to SQL injection, but its HTTP responses do not contain the results of the relevant SQL query or the details of any database errors. Many ...

Are you looking for training in how to use Burp Suite? Would you like to take your understanding of web security to the next level? Our training hub incorporates options for self-study, development ...

A career-defining opportunity to join PortSwigger - a high-growth, product-led tech business - to fuel our growth by helping us to reach new customers. We are a diverse group of people with a wide ...

From DDoS assaults to cybersecurity exploits that result in a data breach, cyber-attacks present a growing threat to businesses, governments, and individuals. Whether they come from so-called ...

If a page fails to set an appropriate X-Frame-Options or Content-Security-Policy HTTP header, it might be possible for a page controlled by an attacker to load it within an iframe. This may enable a ...

BChecks are custom scan checks that you can create and import. Burp Scanner runs these checks in addition to its built-in scanning routine, helping you to target your scans and make your testing ...