# web-security

標記為「web-security」的 8 篇文章

XSS Vulnerabilities from AI-Generated Code

Analysis of cross-site scripting patterns produced by LLM code generation, covering DOM XSS, reflected XSS, and framework-specific bypass patterns.

code-gen-securityxssweb-securityllm-vulnerabilities

入門

Burp Suite & AI Security Extensions

Using Burp Suite for AI API security testing: intercepting LLM API calls, AI-specific extensions, fuzzing AI endpoints, testing prompt injection via HTTP, and integrating web security methodology with AI red teaming.

burp-suiteextensionsweb-securitytools

中級

DNS Rebinding Attacks Against AI Services

Exploiting DNS rebinding to bypass network controls and access internal AI model serving endpoints, training dashboards, and GPU management interfaces

infrastructuredns-rebindingnetwork-attacksweb-securitymodel-serving

進階

Using Burp Suite for LLM API Endpoint Testing

Walkthrough for using Burp Suite to intercept, analyze, and attack LLM API endpoints, covering proxy configuration, request manipulation, automated scanning for injection flaws, and custom extensions for AI-specific testing.

burp-suiteapi-testingllm-securityproxyweb-securitywalkthrough

中級

XSS Vulnerabilities from AI-Generated Code

Analysis of cross-site scripting patterns produced by LLM code generation, covering DOM XSS, reflected XSS, and framework-specific bypass patterns.

code-gen-securityxssweb-securityllm-vulnerabilities

入門

Burp Suite 與 AI 安全擴充

以 Burp Suite 進行 AI API 安全測試：攔截 LLM API 呼叫、AI 特定擴充、對 AI 端點模糊測試、以 HTTP 測試提示注入，以及將 Web 資安方法論與 AI 紅隊整合。

burp-suiteextensionsweb-securitytools

中級

DNS Rebinding 攻擊s Against AI Services

利用ing DNS rebinding to bypass network controls and access internal AI model serving endpoints, training dashboards, and GPU management interfaces

infrastructuredns-rebindingnetwork-attacksweb-securitymodel-serving

進階

Using Burp Suite for LLM API Endpoint Testing

導覽 for using Burp Suite to intercept, analyze, and attack LLM API endpoints, covering proxy configuration, request manipulation, automated scanning for injection flaws, and custom extensions for AI-specific testing.

burp-suiteapi-testingllm-securityproxyweb-securitywalkthrough

中級