PortSwigger Research
@PortSwiggerRes
Web security research from the team at @PortSwigger
Joined September 2019
Bypass CSP in a single click using my new Custom Action, powered by @renniepak's excellent CSP bypass project.
Turbo Intruder now has API docs! You can easily discover its many advanced features including - pauseMarker for pause-based desync.. or DoS - wordlists.clipboard for lazy attack setup - multi-host attacks - 'randomPlz' ...and many more! Link below ->
The Fragile Lock: Novel Bypasses for SAML Authentication will premiere this Wednesday at 10:20 at Black Hat Europe! I'll show you how to chain XML parser quirks to achieve complete authentication bypasses on multiple popular libraries #BHEU @BlackHatEvents
You can now scan for #react2shell in @Burp_Suite. To enable, install the Extensibility Helper bapp, go to the bambda tab and search for react2shell. Shout-out to @assetnote for sharing a reliable detection technique!
Next week I'll be on a #BHEU panel alongside review board members Enno Rey, Marina Krotofil & Marion Marschalek! If you're an aspiring researcher, this is a chance to grill us on what it takes to land a conference slot & deliver an unforgettable presentation @BlackHatEvents
I've just upgraded Turbo Intruder with a shiny new algorithm called HTTP Anomaly Rank, which automatically finds the most unusual responses in your attack! Here's a quick demo, full details in the writeup below:
We've updated our XSS cheat sheet to include 9 new vectors from @garethheyes! Here are the top three, you can find the rest linked below
HTTP is supposed to be stateless, but sometimes... it isn't! Some servers create invisible vulnerabilities by only validating the first request on each TCP/TLS connection. I've just published a Custom Action to help you detect & exploit this - here's a narrated demo:
I’m excited to announce that I’ll be presenting The Fragile Lock: Novel Bypasses for SAML Authentication at Black Hat Europe! In this talk, I’ll show how I was able to continuously bypass security patches to achieve complete auth bypass for major libraries. #BHEU @BlackHatEvents
Hackers are becoming builders - by integrating AI enhancements they’re amplifying their unique tradecraft to hack deeper, faster. I'll be sharing my vision of the future of hacking in @Hacker0x01's 'Bionic Hacking' webinar on October 15! Register here:
HTTP/1.1 Must Die is coming to #romhack2025 as the keynote! In-person tickets are sold out but you can still watch the livestream. This is your last chance to catch it live - register to watch here: https://t.co/j5vmX9dVnE
Dive into WebSocket Turbo Intruder 2.0 - fuzz at scale, automate complex multi-step attacks, and exploit faster. The blog post is live! Read it here: https://t.co/H2SwnCGPOE
portswigger.net
Many testers and tools give up the moment a protocol upgrade to WebSocket occurs, or only perform shallow analysis. This is a huge blind spot, leaving many bugs like Broken Access Controls, Race condi
We use James Kettle’s (@albinowax) Burp extension Collaborator Everywhere daily. Now our upgrades are in v2: customizable payloads, storage, visibility. Perfect for OOB bugs like SSRF. Find out more here: https://t.co/HhGUYrJNvQ
#AppSec #BurpSuite #Pentesting
We've just published a novel technique to bypass the __Host and __Secure cookie flags, to achieve maximum impact for your cookie injection findings:
portswigger.net
Browsers added cookie prefixes to protect your sessions and stop attackers from setting harmful cookies. In this post, you’ll see how to bypass cookie defenses using discrepancies in browser and serve
I just published a Repeater feature to make it easier to explore request smuggling. It repeats your request until the status code changes. It's called "Retry until success" and you can install it via the Extensibility helper bapp.
Ever seen two responses to one request? That's just pipelining... or is it? I've just published "Beware the false false-positive: how to distinguish HTTP pipelining from request smuggling" 👇
Watch HTTP/1.1 Must Die live today at 1630 PST! - In person at #defcon33 track 1, main stage - Remote livestream free on YouTube (link below) Enjoy!
🚨 New @WebSecAcademy lab: https://t.co/Am8qEYVI5K request smuggling Based on HTTP/1 Must Die, presented at #BHUSA Solve it, write it up, and you could: ✅ Get featured on the PortSwigger blog 🎁 Win a 1-year Burp Suite Pro license 🧢 Score some swag https://t.co/FD5QVZKecn
The whitepaper is live! Learn how to win the HTTP desync endgame... and why HTTP/1.1 needs to die:
http1mustdie.com
Upstream HTTP/1.1 is inherently insecure, and routinely exposes millions of websites to hostile takeover. Join the mission to kill HTTP/1.1 now