The fine folks at Portswigger released the lastest version of BURP last week - v1.6.10
New checks include:
- Server-side include (SSI) injection
- Server-side Python code injection
- Leaked RSA private keys
- Duplicate cookies set
Also new APIs are added to Burp Extender, and changes to SSL handling in newer versions of Java (SNI handling in the handshake)
Full details at: http://releases.portswigger.net/
===============
Rob VandenBrink
Metafore