RT @albinowax: It's easy to bash vulnerabilities with logos but. I couldn't resist, say hello to :).

RT @PortSwigger: Another stop for Burp on Tour 2025. and today we're in sunny Sheffield for SteelCon! 😎 . Amazing buzz this morning talki….

RT @irsdl: I asked ChatGPT to give me a #BurpSuite Bambda Custom Action to update cookies in Repeater based on the response so I don't need….

RT @0xTib3rius: New video! Getting Into Cybersecurity - An Interview with James Kettle! (@albinowax). In this episode, James Kettle talks a….

RT @PortSwigger: In Vegas for Black Hat or DEF CON this August? . We've got an array of exciting events, meet ups and swag drops planned wh….

🚀 Register here:

⚠️ Don't miss out!. Shift-left without the strain – see how Burp Suite DAST fits directly into CI/CD pipelines without slowing devs down. 📅 July 10 | 4pm UTC. 🎯 Real teams, real pipelines, real results. Register now ⬇️

Full paper by University of Sheffield:

Are you curious about how AI can reduce false positives or dig deeper into identified issues?. Explore how Burp AI enhances your existing workflow, helping you hack smarter, not harder. 👉

At PortSwigger, that’s how we think about AI. We’re not taking away the thinking, intuition, or judgment that make pentesters so effective, but to automate the repetitive, accelerate the routine, and help uncover deeper insights.

🚀 AI isn’t here to replace pentesters, it’s here to supercharge them. A recent study by the University of Sheffield makes a compelling case:

Legendary PortSwigger researcher, James Kettle, recently answered your questions on security research, AI, and Burp Suite. In case you missed it, check out the recording 👉 .

RT @tincho_508: I'm thrilled to share that I will be presenting a 90 minute workshop in DEFCON's Bug Bounty Village!. I will be speaking ab….

RT @PortSwigger: What a morning it's already been at @BSidesLeeds! . It's brilliant to meet the Burp community, and hear all about how you'….

RT @CristiVlad25: Top 3 @Burp_Suite extensions, by popularity:. 1. JS Miner.2. Param Miner.3. Autorize. I use 1 and 3 in the majority of my….

🚀 Add JWT Editor to Burp now:. #BurpSuite #JWT #BurpExtension

💥 Built-in JWT attacks. No fuss - just select and attack.

✍️ Smart in-place editing. No more switching between tools to encode and decode the data. A purpose-built, prettified view for working with JWTs makes it much simpler to manipulate tokens directly in Burp Repeater and Proxy Intercept.

🤓 Dedicated message editor view. Easily view your JWTs in a dedicated message tab, side-by-side with your request/response or WebSocket message. The editor provides views for both JWS and JWE, and automatically detects which format to use.

🔎 Auto-detects JWTs. Automatically highlight any HTTP or WebSockets requests containing JWTs so you can easily spot them among the noise.