James Kettle
@albinowax
Director of Research at PortSwigger Burp Suite
Check out my website for published research, other social platforms & contact details
ID:109850328
https://jameskettle.com/ 30-01-2010 14:01:28
4,3K Tweets
70,3K Followers
83 Following
Follow People
Can't speak for everyone but it makes me quite uncomfortable when people send me sensitive info in collaboration requests before I've agreed to help. If their bug gets leaked/duped/patched I don't want them blaming me.
In the words of Schneier Blog, 'data is a toxic asset'
We've just published 'How to build custom scanners for web security automation', using a recent dive into automated race-condition detection by James Kettle as a case study. Enjoy!
portswigger.net/research/how-t…
Really excited for the next 3 upcoming Web Security Academy topics! Got some much-requested hits and topics we've been afraid to tackle earlier (but not *that* topic)
While the infosec community ponders where to settle, you can also find me at:
@[email protected]
bsky.app/profile/jamesk…
linkedin.com/in/james-kettl…
Can't wait till everyone's back on one platform. At least I don't have a newsletter yet!
Burp Suite 2023.10 is harder to fingerprint than earlier versions as it now sets 'Accept-Encoding: gzip, deflate, br'. If you're still blocked, you might bypass it by tinkering with your TLS ciphers using 'Network->TLS -> Use custom protocols and ciphers'
portswigger.net/burp/documenta…
Anyone going to be attending Nullcon Goa on 23 September?
If so, it's your last chance to catch the live presentation of James Kettle's 'Smashing the state machine: the true potential of web race conditions' … NULLCON #NullconGoa2023
portswigger.net/research/talks