Please choose the edition of Burp Suite that is right for you. Help me choose ›
|Free Edition||Professional Edition
$349 per user per year
|Burp Intruder||?||Time-throttled demo||yes|
|Save and Restore||?||yes|
|Release Schedule||?||Major point releases||Frequent updates, earlier releases, beta versions|
|Download now||Buy now|
"Burp Suite Pro is an unbelievably powerful tool. The scanner is amazingly fast and accurate. I use Burp extensively and it has never let me down."
Alex Lauerman, FishNet Security
"If you test the security of web applications for a living, Burp Suite Pro is an essential weapon you must have in your arsenal."
Jack Mannino, CEO, nVisium Security Inc.
Every experienced pentester knows there is a lot more to XSS than <script>alert(1)</script> - filtering, encoding, browser-quirks and WAFs all team up to keep things interesting. AngularJS Template Injection is no different. In this post, we will examine how we adapted template injection payloads to bypass filtering and encoding and exploit Piwik and Uber.