Robuta

https://portswigger.net/research/splitting-the-email-atom
Splitting the email atom: exploiting parsers to bypass access controls | PortSwigger Research
Some websites parse email addresses to extract the domain and infer which organisation the owner belongs to. This pattern makes email-address parser...

https://portswigger.net/research/smashing-the-state-machine
Smashing the state machine: the true potential of web race conditions | PortSwigger Research
For too long, web race condition attacks have focused on a tiny handful of scenarios. Their true potential has been masked thanks to tricky workflows, missing...

https://portswigger.net/research/how-i-choose-a-security-research-topic
How I choose a security research topic | PortSwigger Research

https://portswigger.net/research/a-hacking-hat-trick-previewing-three-portswigger-research-publications-coming-to-def-con-amp-black-hat-usa
A hacking hat-trick: previewing three PortSwigger Research publications coming to DEF CON & Black...

https://portswigger.net/research/finding-that-one-weird-endpoint-with-bambdas
Finding that one weird endpoint, with Bambdas | PortSwigger Research

https://portswigger.net/research/top-10-web-hacking-techniques-of-2020
Top 10 web hacking techniques of 2020 | PortSwigger Research
Welcome to the Top 10 (novel) Web Hacking Techniques of 2020, our annual community-powered effort to identify the must-read web security research released in...

https://portswigger.net/research/when-security-features-collide
When security features collide | PortSwigger Research

https://portswigger.net/research/practical-web-cache-poisoning
Practical Web Cache Poisoning | PortSwigger Research

https://portswigger.net/research/so-you-want-to-be-a-web-security-researcher
So you want to be a web security researcher? | PortSwigger Research

https://portswigger.net/research/cracking-recaptcha-turbo-intruder-style
Cracking reCAPTCHA, Turbo Intruder style | PortSwigger Research

https://portswigger.net/research/breaking-the-chains-on-http-request-smuggler
Breaking the chains on HTTP Request Smuggler | PortSwigger Research

https://portswigger.net/research/backslash-powered-scanning-hunting-unknown-vulnerability-classes
Backslash Powered Scanning: hunting unknown vulnerability classes | PortSwigger Research
Abstract Existing web scanners search for server-side injection vulnerabilities by throwing a canned list of technology-specific payloads at a target and...

https://portswigger.net/research/cracking-the-lens-targeting-https-hidden-attack-surface
Cracking the lens: targeting HTTP's hidden attack-surface | PortSwigger Research
Modern websites are browsed through a lens of transparent systems built to enhance performance, extract analytics and supply numerous additional services. This...

https://portswigger.net/research/websocket-turbo-intruder-unearthing-the-websocket-goldmine
WebSocket Turbo Intruder: Unearthing the WebSocket Goldmine | PortSwigger Research
Many testers and tools give up the moment a protocol upgrade to WebSocket occurs, or only perform shallow analysis. This is a huge blind spot, leaving many...

https://portswigger.net/research/how-to-build-custom-scanners-for-web-security-research-automation
How to build custom scanners for web security research automation | PortSwigger Research

https://portswigger.net/research/top-10-web-hacking-techniques-of-2023
Top 10 web hacking techniques of 2023 | PortSwigger Research
Welcome to the Top 10 Web Hacking Techniques of 2023, the 17th edition of our annual community-powered effort to identify the most innovative must-read web...

https://portswigger.net/research/browser-powered-desync-attacks
Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling | PortSwigger Research
The recent rise of HTTP Request Smuggling has seen a flood of critical findings enabling near-complete compromise of numerous major websites. However, the...

https://portswigger.net/research/gotta-cache-em-all
Gotta cache 'em all: bending the rules of web cache exploitation | PortSwigger Research
Through the years, we have seen many attacks exploiting web caches to hijack sensitive information or store malicious payloads. However, as CDNs became more...

https://portswigger.net/research/top-10-web-hacking-techniques-of-2019
Top 10 web hacking techniques of 2019 | PortSwigger Research