Overview In part 4 of our series on creating extensions for Burp Suite using the Montoya API, we will learn about designing an interactive GUI for our extension. If you haven’t read the previous installments of this blog post series yet, we highly recommend you do...
Overview Starting an Application Security (AppSec) testing career in 2024 can seem daunting given the vast landscape of content and resources. In this blog post we will demystify the journey, offering wisdom, practical advice, and resourceful tips to help you out. This...
Overview Despite its popularity as an SQL injection example, we argue that “OR 1=1” presents more risks than rewards. It may work for login bypasses occasionally, but its reliability is questionable, and better alternatives exist. We explore the drawbacks,...
Overview In this blog post series, we’ll guide you through the process of creating Burp extensions. First, we will set up your development environment. Then, we will create a basic extension to add a custom feature to Burp Suite. Over the course of the series,...
Overview The demand for skilled web application penetration testers is still ever-increasing and we are proud to introduce the Practical Web Pentest Associate (PWPA) certification. This certification is designed to validate the skills of aspiring web application...
Overview JSON permeates virtually every corner of the digital landscape today. It powers web APIs, configures files, fuels mobile apps, and anchors data storage. To maintain seamless day-to-day hacking, it’s crucial to wield a robust understanding of JSON....