The modern web is constantly developing, with new potential vulnerabilities emerging all the time. Ensuring your web applications are secure in the face of this evolving threat is a constant challenge ...

This Burp extension allows you to dynamically add or update the DPoP (Demonstrating Proof of Possession) HTTP header to outgoing HTTP requests based on configured criteria. Features Dynamically ...

Burp Suite Enterprise Edition enables you to upload an OpenAPI definition to run a specific API scan. You can add new API definitions at any time. API definitions are managed in the Sites menu. Each ...

We provide a template configuration file. The file includes comments to help you to understand and edit each of the parameters. After you edit the configuration file, you can rename it to ...

In this section, we'll talk about DOM-based JavaScript-injection vulnerabilities, discuss how they can impact the victim, and suggest ways to reduce your exposure to JavaScript-injection ...

This page requires JavaScript for an enhanced user experience.

This page requires JavaScript for an enhanced user experience.

This page requires JavaScript for an enhanced user experience.

The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996 to help safeguard the healthcare information of US residents. However, as the HIPAA breach examples below will ...

Some websites parse email addresses to extract the domain and infer which organisation the owner belongs to. This pattern makes email-address parser discrepancies critical. Predicting which domain an ...

Through the years, we have seen many attacks exploiting web caches to hijack sensitive information or store malicious payloads. However, as CDNs became more popular, new discrepancies between ...

More comprehensive scans. More vulnerabilities identified. More time saved. Enhance your API scanning with Burp Suite. As web portfolios have diversified, APIs have become an increasingly critical ...