PortSwigger1d
Content type is not specified
If a response does not specify a content type, then the browser will usually analyze the response and attempt to determine the MIME type of its content. This can have unexpected results, and if the ...
PortSwigger2d
The top 10 best pentesting tools and extensions in Burp Suite
Penetration testing tools allow proper assessment of a system's cybersecurity within a sensible timeframe. Of these tools, Burp Suite Professional is one of the most widely used. With more than 55,000 ...
PortSwigger7d
Using Burp to Test for Cross-Site Request Forgery (CSRF)
Cross-site request forgery (CSRF) is an attack which forces an end user to execute unwanted actions on a web application to which they are currently authenticated. CSRF vulnerabilities may arise when ...