Hacker News new | comments | show | ask | jobs | submit | from login
An overview of the top web hacking techniques of 2017 (portswigger.net)
144 points by albinowax_ 10 days ago | past | web | 11 comments
Bypassing CSP using polyglot JPEGs (portswigger.net)
2 points by wyldfire 39 days ago | past | web
Burp Suite 2.0 beta now available (portswigger.net)
2 points by bellinom 59 days ago | past | web
Practical Web Cache Poisoning (portswigger.net)
146 points by 4kevinking 72 days ago | past | web | 10 comments
The new month of Burp pr0n (portswigger.net)
1 point by bellinom 75 days ago | past | web
Crawling with multiple logins – Blog (portswigger.net)
1 point by caruana 76 days ago | past | web
XSS protection disappears from Microsoft Edge (portswigger.net)
3 points by ccnafr 3 months ago | past | web
Evading CSP with DOM-based dangling markup (portswigger.net)
1 point by albinowax_ 3 months ago | past | web
XSS protection disappears from Microsoft Edge (portswigger.net)
1 point by albinowax_ 3 months ago | past | web
Survive the storm: Fortnite malware downloaded 78,000 times (portswigger.net)
1 point by Mimino123 3 months ago | past | web
Does online inclusivity mean automatic equality for emerging markets? (portswigger.net)
1 point by jgrahamc 3 months ago | past | web
Unearthing Z͌̈́̾a͊̈́l͊̿g̏̉͆o̾̚̚S̝̬ͅc̬r̯̼͇ͅi̼͖̜̭͔p̲̘̘̹͖t̠͖̟̹͓͇ͅ with visual fuzzing (portswigger.net)
3 points by startupflix 4 months ago | past | web
What website are you really on? Edge zero-day leaves users with no clue (portswigger.net)
2 points by albinowax_ 5 months ago | past | web
When Security Features Collide (portswigger.net)
3 points by dsr12 on Oct 6, 2017 | past | web
How I Accidentally Framed Myself for a Hacking Frenzy (portswigger.net)
2 points by kobayashi on Aug 21, 2017 | past | web
Targeting HTTP's Hidden Attack-Surface (portswigger.net)
207 points by skybrian on July 29, 2017 | past | web | 13 comments
Cracking the Lens: Targeting HTTP's Hidden Attack-Surface (portswigger.net)
36 points by j_s on July 27, 2017 | past | web
Bypassing CSP using polyglot JPEGs (portswigger.net)
43 points by inian on Dec 1, 2016 | past | web | 15 comments
JSON hijacking for the modern web (portswigger.net)
3 points by albinowax_ on Nov 29, 2016 | past | web
JSON hijacking for the modern web (portswigger.net)
10 points by dsr12 on Nov 26, 2016 | past | web
Backslash Powered Scanning: Hunting Unknown Vulnerability Classes (portswigger.net)
4 points by cujanovic on Nov 7, 2016 | past | web
Backslash Powered Scanning: Hunting Unknown Vulnerability Classes (portswigger.net)
1 point by danso on Nov 4, 2016 | past | web
Exploiting CORS Misconfigurations for Bitcoins and Bounties (portswigger.net)
1 point by albinowax_ on Oct 18, 2016 | past | web
Executing non-alphanumeric JavaScript without parentheses (portswigger.net)
123 points by kkl on July 15, 2016 | past | web | 19 comments
Web Storage: the lesser evil for session tokens (portswigger.net)
195 points by kkl on May 31, 2016 | past | web | 69 comments
Microsoft Edge XSS Filter Bypass (portswigger.net)
2 points by rshetty10 on Apr 15, 2016 | past | web | 1 comment
Burp Suite 1.6.37 released, with reporting of all reflected/stored inputs (portswigger.net)
1 point by cujanovic on Feb 12, 2016 | past | web
XSS Without HTML: Client-Side Template Injection with AngularJS (portswigger.net)
1 point by restlessmedia on Jan 28, 2016 | past | web
XSS Without HTML: Client-Side Template Injection with AngularJS (portswigger.net)
1 point by wolframio on Jan 27, 2016 | past | web
Introducing Burp Collaborator: Web Security Testing (portswigger.net)
2 points by potench on Jan 25, 2016 | past | web
More

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: