Connect with us

Hi, what are you looking for?

Cyber Security

Burp Suite 2023.9.1 Released – What’s New

Portswigger has released its latest version of Burp Suite 2023.9.1, which includes a lot of additional features and bug fixes that can be helpful for security professionals and web application penetration testers.

Burp Suite has been one of the most used Penetration Testing tools used by security professionals and organizations worldwide. It has a Free or Community Edition, a Professional Edition, and an Enterprise Edition. All of them differ based on their implementation and usage.

New Improvements

Several additional features, like the new repeater functionality enable a single-packet attack feature that reduces the latency between the transmission and receiver, allowing users to send multiple requests in parallel.

Synchronization of these requests makes it easier to test for race conditions. In addition to this, Repeater can be grouped together to send parallel requests from all the tabs. These tabs can consist of multiple HTTP versions of the request which is synchronized using the last-byte synchronization of Repeater.

Further improvements include GraphQL introspection, project-level crawl path tab inclusion, and Reusing of HTTP/1 connections in the Intruder tab for speeding up the attack against the target.

Other Improvements

The new version of Burp Suite also includes automatic throttling settings in accordance with the resource pooling allowing users to configure Burp Scanner with a list of HTTP response codes that can delay the requests made with the scanner.

As part of the security improvement, Burp Suite has introduced the “Trust this Project” option, which will remove any harmful settings from the Burp Project file. This is extremely useful when these configuration files are downloaded from the internet.

An isolated scan feature has been introduced, which lets users view any isolated scan and its results. This option is also useful for conducting testing without affecting the live scan results.

Further improvements include Montoya API changes, Intermediate CA certificate specification for hardware tokens and smart cards, and custom SNI values in repeater.

Setting up a custom SNI value allows simulating external user interaction attacks detected by Scanner and Collaborator payloads. 

Furthermore, several bug fixes and other new features have been introduced by Portswigger which can allow Security professionals to conduct much more sophisticated attacks and mitigations.

Source: https://cybersecuritynews.com/burp-suite-2023-9-1/

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

In recent findings from Check Point Research, a significant phishing attack targeting more than 40 prominent Colombian companies has been uncovered.  The attackers behind this campaign...

Cyber Security

According to recent reports, a threat actor has compromised the confidential information of 3,200 Airbus vendors. The exposed data includes sensitive details such as...

Cyber Security

A group of Researchers unearthed critical code Proton Mail vulnerabilities that could have jeopardized the security of Proton Mail, a renowned privacy-focused webmail service. ...

Cyber Security

Telegram Messenger offers global, cloud-based instant messaging with several features:- Cybersecurity researchers at Securlist recently found several Telegram mods on Google Play in various...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO