James 'albinowax' Kettle


I'm the Director of Research at PortSwigger, where I research and publish novel web attack techniques. I also design and refine vulnerability detection techniques for Burp Suite's scanner, and share knowledge via the Web Security Academy. (full bio)

Social: Twitter, Bluesky, Mastodon, LinkedIn, PortSwigger
Contact: or

Upcoming presentations

None right now, exploring some ideas for BHUSA/DEFCON 2024.

Latest published talk: Smashing the state machine: the true potential of web race conditions (recording)


Show/Hide past presentations Show/Hide past presentations

Past presentations


Research Portfolio

HTTP Request Smuggling

Web Cache Poisoning


Tools & automation

Other highlights

How I approach research

Inspiration: gareth, magic mac, lcamtuf, filedescriptor, agarri, fin1te, ezequiel pereira, homakov, irsdl, .mario, insertScript, sirdarckcat, kkotowicz, ush.it, webstersprodigy, kuza55, neal poole and many others.

Misc