Soroush Dalili 🍏🍐
@irsdl.bsky.social
Hacker (ethical), web appsec specialist, trainer, tools builder & apps breaker, X: @irsdl
https://secproject.com/
https://soroush.me/
https://burpsuite.ninja/
https://secproject.com/
https://soroush.me/
https://burpsuite.ninja/
Wouldn't this also be vulnerable to dns rebinding attacks?
July 2, 2025 at 10:16 AM
Wouldn't this also be vulnerable to dns rebinding attacks?
I only have one ticket! I am not the worst 🤣
June 2, 2025 at 5:37 PM
I only have one ticket! I am not the worst 🤣
You would have kept it if it was called activity logs 🥹 Probably an ego boost would be a better name for these activities though 🥲
April 18, 2025 at 10:55 PM
You would have kept it if it was called activity logs 🥹 Probably an ego boost would be a better name for these activities though 🥲
I wonder if burp itself can do something for jython extensions since it has access to the location of a jython jar file to share it with extensions. But even with that I need to see how jython can use montoya 🥲
April 8, 2025 at 1:04 PM
I wonder if burp itself can do something for jython extensions since it has access to the location of a jython jar file to share it with extensions. But even with that I need to see how jython can use montoya 🥲
Do we need to include the jython jar file in it? forum.portswigger.net/thread/are-j...
Are Jython extensions deprecated? - Burp Suite User Forum
Hello,
I was looking into writing an extension, and all of the current documentation seems to indicate it should be done in Java via the new...
forum.portswigger.net
April 8, 2025 at 7:23 AM
Do we need to include the jython jar file in it? forum.portswigger.net/thread/are-j...
I always thought jython cannot use montoya. Is this a hackvertor hack or it's been always possible?
April 7, 2025 at 11:05 PM
I always thought jython cannot use montoya. Is this a hackvertor hack or it's been always possible?
As always, also thanks to @albinowax and @PortSwigger for keeping the top 10 flame alive for another year!
February 4, 2025 at 4:49 PM
As always, also thanks to @albinowax and @PortSwigger for keeping the top 10 flame alive for another year!
You are right. Unfortunately it's a cruel one especially when there is no sponsor. Most researchers also just use it with not much contribution which is ok but sad.
December 24, 2024 at 5:45 PM
You are right. Unfortunately it's a cruel one especially when there is no sponsor. Most researchers also just use it with not much contribution which is ok but sad.