All InfoSec / Cybersecurity News
Source: portswigger.net / PortSwigger Research
https://portswigger.net/research
Making Desync attacks easy with TRACE
1 month, 4 weeks ago |
portswigger.net
Using form hijacking to bypass CSP
2 months, 1 week ago |
portswigger.net
Top 10 web hacking techniques of 2023
2 months, 4 weeks ago |
portswigger.net
Hiding payloads in Java source code strings
3 months, 3 weeks ago |
portswigger.net
Top 10 web hacking techniques of 2023 - nominations open
4 months, 1 week ago |
portswigger.net
Blind CSS Exfiltration: exfiltrate unknown web pages
5 months, 1 week ago |
portswigger.net
How to build custom scanners for web security research automation
7 months, 2 weeks ago |
portswigger.net
Exploiting XSS in hidden inputs and meta tags
10 months, 1 week ago |
portswigger.net
How I choose a security research topic
11 months ago |
portswigger.net
Bypassing CSP via DOM clobbering
11 months, 1 week ago |
portswigger.net
The curl quirk that exposed Burp Suite & Google Chrome
1 year, 1 month ago |
portswigger.net
Server-side prototype pollution: Black-box detection without the DoS
1 year, 3 months ago |
portswigger.net
Top 10 web hacking techniques of 2022
1 year, 3 months ago |
portswigger.net
Top 10 web hacking techniques of 2022 - nominations open
1 year, 4 months ago |
portswigger.net
Hijacking service workers via DOM Clobbering
1 year, 5 months ago |
portswigger.net
Stealing passwords from infosec Mastodon - without bypassing CSP
1 year, 6 months ago |
portswigger.net
Safari is hot-linking images to semi-random websites
1 year, 6 months ago |
portswigger.net
HTTP/3 connection contamination: an upcoming threat?
1 year, 6 months ago |
portswigger.net
Our favourite community contributions to the XSS cheat sheet
1 year, 7 months ago |
portswigger.net
Making HTTP header injection critical via response queue poisoning
1 year, 7 months ago |
portswigger.net
The seventh way to call a JavaScript function without parentheses
1 year, 8 months ago |
portswigger.net
How to turn security research into profit: a CL.0 case study
1 year, 8 months ago |
portswigger.net
Using Hackability to uncover a Chrome infoleak
1 year, 8 months ago |
portswigger.net
Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling
1 year, 9 months ago |
portswigger.net
Framing without iframes
1 year, 9 months ago |
portswigger.net
Bypassing Firefox's HTML Sanitizer API
1 year, 10 months ago |
portswigger.net
Top 10 web hacking techniques of 2021
2 years, 3 months ago |
portswigger.net
Top 10 web hacking techniques of 2021 - nominations open
2 years, 4 months ago |
portswigger.net
Nothing found.
Items published with this topic over the last 90 days.
Latest
Making Desync attacks easy with TRACE
1 month, 4 weeks ago |
portswigger.net
Using form hijacking to bypass CSP
2 months, 1 week ago |
portswigger.net
Top 10 web hacking techniques of 2023
2 months, 4 weeks ago |
portswigger.net
Hiding payloads in Java source code strings
3 months, 3 weeks ago |
portswigger.net
Top 10 web hacking techniques of 2023 - nominations open
4 months, 1 week ago |
portswigger.net
Blind CSS Exfiltration: exfiltrate unknown web pages
5 months, 1 week ago |
portswigger.net
How to build custom scanners for web security research automation
7 months, 2 weeks ago |
portswigger.net
Exploiting XSS in hidden inputs and meta tags
10 months, 1 week ago |
portswigger.net
How I choose a security research topic
11 months ago |
portswigger.net
Bypassing CSP via DOM clobbering
11 months, 1 week ago |
portswigger.net
The curl quirk that exposed Burp Suite & Google Chrome
1 year, 1 month ago |
portswigger.net
Server-side prototype pollution: Black-box detection without the DoS
1 year, 3 months ago |
portswigger.net
Top 10 web hacking techniques of 2022
1 year, 3 months ago |
portswigger.net
Top 10 web hacking techniques of 2022 - nominations open
1 year, 4 months ago |
portswigger.net
Hijacking service workers via DOM Clobbering
1 year, 5 months ago |
portswigger.net
Stealing passwords from infosec Mastodon - without bypassing CSP
1 year, 6 months ago |
portswigger.net
Safari is hot-linking images to semi-random websites
1 year, 6 months ago |
portswigger.net
HTTP/3 connection contamination: an upcoming threat?
1 year, 6 months ago |
portswigger.net
Our favourite community contributions to the XSS cheat sheet
1 year, 7 months ago |
portswigger.net
Making HTTP header injection critical via response queue poisoning
1 year, 7 months ago |
portswigger.net
The seventh way to call a JavaScript function without parentheses
1 year, 8 months ago |
portswigger.net
How to turn security research into profit: a CL.0 case study
1 year, 8 months ago |
portswigger.net
Using Hackability to uncover a Chrome infoleak
1 year, 8 months ago |
portswigger.net
Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling
1 year, 9 months ago |
portswigger.net
Framing without iframes
1 year, 9 months ago |
portswigger.net
Bypassing Firefox's HTML Sanitizer API
1 year, 10 months ago |
portswigger.net
Top 10 web hacking techniques of 2021
2 years, 3 months ago |
portswigger.net
Top 10 web hacking techniques of 2021 - nominations open
2 years, 4 months ago |
portswigger.net
Top (last 7 days)
Nothing found.
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Senior - Penetration Tester
@ Deloitte | Madrid, España
Associate Cyber Incident Responder
@ Highmark Health | PA, Working at Home - Pennsylvania
Senior Insider Threat Analyst
@ IT Concepts Inc. | Woodlawn, Maryland, United States