-
- Site: [http://portswigger-labs.net](http://portswigger-labs.net)
**New Alerts**
- **Cross Site Scripting (Reflected)** [40012] total: 2:
- [http://portswigger-labs.net/xss-unreliable.php?x…
-
* https://portswigger.net/blog/new-burp-suite-api-we-want-your-feedback
* https://github.com/PortSwigger/burp-extensions-montoya-api
-
**Is your feature request related to a problem? Please describe.**
We have many levels under JWT Vulnerability https://github.com/SasanLabs/VulnerableApp/blob/master/src/main/java/org/sasanlabs/servi…
-
https://github.com/tatliHU/memewebsite/blob/5e8bd77edaf86cae8afa502ba68ef42b843d85ea/templates/change_password.html#L31
Here, usually a "double-submit token" is used to prevent attackers from cross…
-
support websockets (inspired by portswigger's use of them in their LLM tutorial material, https://portswigger.net/web-security/all-labs#web-llm-attacks)
-
AWVS tests the Referer header and x-Forwarded-For.
It injects a URL into the Referer, usually a Google URL plus a bunch of parameters, for testing.
![image](https://github.com/user-attachments/assets/f01d1ff1-3949-4e73-b6f2-ef88b1dabde0)
-
### Is there an existing feature or issue for this?
- [X] I have searched the existing issues
### Expected feature
PortSwigger offers a free DAST scanner: https://portswigger.net/burp/documentation…
-
I'm trying out the HttpHandler example at https://github.com/PortSwigger/burp-extensions-montoya-api-examples/tree/main/httphandler
It logs to the extension output so the extension is working, but …
-
X-XSS-Protection has been deprecated - partially due to the rise of CSP, and partially because it can actually increase vulnerability ("XS-Leak" attacks).
References:
* https://owasp.org/www-proje…
-
### Checklist
- [X] I have searched the [existing issues](https://github.com/streamlit/streamlit/issues) for similar issues.
- [X] I added a very descriptive title to this issue.
- [X] I have provide…