This learning path teaches you how to test APIs that aren't fully used by the website front-end. You'll learn key API recon skills to help you discover more attack surface. In addition, you'll learn ...
A Burp extension to generate async Python code from HTTP requests. This extension generates different flavors of scripts (e.g. with/without session, with/without main function). The resulting codes ...
Application responses may depend systematically on the presence or absence of the Referer header in requests. This behavior does not necessarily constitute a security vulnerability, and you should ...
HTTP requests sometimes contain SQL syntax. If this is incorporated into a SQL query and executed by the server, then the application is almost certainly vulnerable to SQL injection. When SQL-like ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback