Hacker News new | comments | show | ask | jobs | submit | from login
Practical Web Cache Poisoning (portswigger.net)
146 points by 4kevinking 11 days ago | past | web | 10 comments
The new month of Burp pr0n (portswigger.net)
1 point by bellinom 13 days ago | past | web | discuss
Crawling with multiple logins – Blog (portswigger.net)
1 point by caruana 15 days ago | past | web
XSS protection disappears from Microsoft Edge (portswigger.net)
3 points by ccnafr 30 days ago | past | web
Evading CSP with DOM-based dangling markup (portswigger.net)
1 point by albinowax_ 32 days ago | past | web
XSS protection disappears from Microsoft Edge (portswigger.net)
1 point by albinowax_ 33 days ago | past | web
Survive the storm: Fortnite malware downloaded 78,000 times (portswigger.net)
1 point by Mimino123 48 days ago | past | web
Does online inclusivity mean automatic equality for emerging markets? (portswigger.net)
1 point by jgrahamc 53 days ago | past | web
Unearthing Z͌̈́̾a͊̈́l͊̿g̏̉͆o̾̚̚S̝̬ͅc̬r̯̼͇ͅi̼͖̜̭͔p̲̘̘̹͖t̠͖̟̹͓͇ͅ with visual fuzzing (portswigger.net)
3 points by startupflix 75 days ago | past | web
What website are you really on? Edge zero-day leaves users with no clue (portswigger.net)
2 points by albinowax_ 3 months ago | past | web
When Security Features Collide (portswigger.net)
3 points by dsr12 10 months ago | past | web
How I Accidentally Framed Myself for a Hacking Frenzy (portswigger.net)
2 points by kobayashi 12 months ago | past | web
Targeting HTTP's Hidden Attack-Surface (portswigger.net)
207 points by skybrian on July 29, 2017 | past | web | 13 comments
Cracking the Lens: Targeting HTTP's Hidden Attack-Surface (portswigger.net)
36 points by j_s on July 27, 2017 | past | web
Bypassing CSP using polyglot JPEGs (portswigger.net)
43 points by inian on Dec 1, 2016 | past | web | 15 comments
JSON hijacking for the modern web (portswigger.net)
3 points by albinowax_ on Nov 29, 2016 | past | web
JSON hijacking for the modern web (portswigger.net)
10 points by dsr12 on Nov 26, 2016 | past | web
Backslash Powered Scanning: Hunting Unknown Vulnerability Classes (portswigger.net)
4 points by cujanovic on Nov 7, 2016 | past | web
Backslash Powered Scanning: Hunting Unknown Vulnerability Classes (portswigger.net)
1 point by danso on Nov 4, 2016 | past | web
Exploiting CORS Misconfigurations for Bitcoins and Bounties (portswigger.net)
1 point by albinowax_ on Oct 18, 2016 | past | web
Executing non-alphanumeric JavaScript without parentheses (portswigger.net)
123 points by kkl on July 15, 2016 | past | web | 19 comments
Web Storage: the lesser evil for session tokens (portswigger.net)
195 points by kkl on May 31, 2016 | past | web | 69 comments
Microsoft Edge XSS Filter Bypass (portswigger.net)
2 points by rshetty10 on Apr 15, 2016 | past | web | 1 comment
Burp Suite 1.6.37 released, with reporting of all reflected/stored inputs (portswigger.net)
1 point by cujanovic on Feb 12, 2016 | past | web
XSS Without HTML: Client-Side Template Injection with AngularJS (portswigger.net)
1 point by restlessmedia on Jan 28, 2016 | past | web
XSS Without HTML: Client-Side Template Injection with AngularJS (portswigger.net)
1 point by wolframio on Jan 27, 2016 | past | web
Introducing Burp Collaborator: Web Security Testing (portswigger.net)
2 points by potench on Jan 25, 2016 | past | web
Abusing Chrome's XSS auditor to steal tokens (portswigger.net)
2 points by matthewbauer on Aug 17, 2015 | past | web
PortSwigger Web Security Blog: Server-Side Template Injection (portswigger.net)
3 points by gregmolnar on Aug 9, 2015 | past | web
Burp Collaborator from Portswigger released today (portswigger.net)
1 point by jeronimo-gr on Apr 16, 2015 | past | web
More

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: