# web-security

4 articlestagged with “web-security”

XSS Vulnerabilities from AI-Generated Code

Analysis of cross-site scripting patterns produced by LLM code generation, covering DOM XSS, reflected XSS, and framework-specific bypass patterns.

code-gen-securityxssweb-securityllm-vulnerabilities

Beginner

Burp Suite & AI Security Extensions

Using Burp Suite for AI API security testing: intercepting LLM API calls, AI-specific extensions, fuzzing AI endpoints, testing prompt injection via HTTP, and integrating web security methodology with AI red teaming.

burp-suiteextensionsweb-securitytools

Intermediate

DNS Rebinding Attacks Against AI Services

Exploiting DNS rebinding to bypass network controls and access internal AI model serving endpoints, training dashboards, and GPU management interfaces

infrastructuredns-rebindingnetwork-attacksweb-securitymodel-serving

Advanced

Using Burp Suite for LLM API Endpoint Testing

Walkthrough for using Burp Suite to intercept, analyze, and attack LLM API endpoints, covering proxy configuration, request manipulation, automated scanning for injection flaws, and custom extensions for AI-specific testing.

burp-suiteapi-testingllm-securityproxyweb-securitywalkthrough

Intermediate