Burp Suite Professional’s User Interface is one of the most advanced Java UIs out there, but everyone has a bad day now and then. Frustratingly, the tool’s Message Editor can […]
Burp Suite has some really cool features that make it useful as an HTTP Swiss Army Knife. It’s great for debugging and acting as a middle translation layer to duct […]
Penetration Testing is often an exercise of observing the behavior of the target, and then finding creative ways to subvert its expectations to trigger an unusual (security-impacting) behavior. Sometimes the […]
Following our initial release of the addToTLSPassThrough Burp Suite Extension, we are pleased to announce publication of version 1.0.1! AddToTLSPassThrough 1.0.1 Significant improvements to the extension have been added to […]
One of the reasons that Burp Suite has become a standard tool for Web Application Penetration Testing is the ecosystem of Extensions that enable it to support new functionality. Sometimes […]
This blog post serves as an introduction to GraphQL. We will shine light on how the query language functions and some basic security considerations, as well as tools and techniques […]
Improving Quality-Of-Life With Simple Burp Suite Extensions (Part Two) The “right tool for the job” isn’t always the perfect tool for the job, and if you have been using Burp […]
Improving Quality-Of-Life With Simple Burp Suite Extensions (Part One) If you have been using Burp Suite for a while, you probably have some ideas for small features or tweaks to […]
Password Cracking has its own large methodology when it comes to targeted methods of cracking passwords. You can consider English and other language models, passphrases, 1337sp34k translations, case MoDiFCaTiOn, distributed […]
I was recently combing through GitHub for a tool that I tend to use on mobile application penetration tests when I came across APKLeaks. I currently make use of Mobile […]
