Best for pentesters and hands-on security professionals. Free up testing time with scalable, automated scanning Automated DAST scanning without limits. Free up testing time with trusted Burp ...

Get to grips with all the basics of Burp Suite Professional with our video tutorials. Covering product essentials such as intercepting HTTP requests and responses, scanning a website, and a guide to ...

You need to configure Firefox so that you can use it for testing with Burp Suite.

Hands-on security testers need the best tools for the job. Tools you have faith in, and enjoy using all day long. Burp Suite has long been that tool, and now, it's faster than ever. We’ve listened to ...

In this section, we'll talk about DOM-based JavaScript-injection vulnerabilities, discuss how they can impact the victim, and suggest ways to reduce your exposure to JavaScript-injection ...

JSON Web Tokens (JWT4B) lets you decode and manipulate JSON web tokens on the fly, check their validity and automate common attacks. Please note that JavaScript must ...

All Burp Sequencer tests start with the hypothesis that the tokens are randomly generated. Each test then: Observes properties of the sample that are likely to have certain characteristics if the ...

The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996 to help safeguard the healthcare information of US residents. However, as the HIPAA breach examples below will ...

Performance is a critical factor in the usability and efficiency of any software, and Burp Suite is no exception. We've recently focused on enhancing Burp Suite's performance across several key areas ...

In this tutorial, you'll use Burp Sequencer to analyze the quality of randomness in an application's session tokens. Burp Sequencer may have unexpected results in some applications. Until you are ...

URL validation bypasses are the root cause of numerous vulnerabilities including many instances of SSRF, CORS misconfiguration, and open redirection. These work by using ambiguous URLs to trigger URL ...

The modern web is constantly developing, with new potential vulnerabilities emerging all the time. Ensuring your web applications are secure in the face of this evolving threat is a constant challenge ...