# Top 10 Web Hacking Techniques of 2025 and a Hint for 2026 - James Kettle - ASW #380

Page: https://stenobird.com/podcast/application-security-weekly-audio-436682/top-10-web-hacking-techniques-of-2025-and-a-hint-for-2026-james-kettle-asw-380
Text version: https://stenobird.com/podcast/application-security-weekly-audio-436682/top-10-web-hacking-techniques-of-2025-and-a-hint-for-2026-james-kettle-asw-380.md
Podcast: [Application Security Weekly (Audio)](https://stenobird.com/podcast/application-security-weekly-audio-436682)
Published: 2026-04-28T09:00:00+00:00
Episode link: https://aswaudio.libsyn.com/top-10-web-hacking-techniques-of-2025-and-a-hint-for-2026-james-kettle-asw-380
Audio file: https://dts.podtrac.com/redirect.mp3/traffic.libsyn.com/secure/aswaudio/ASW_380_1--4ef025e5-4e30-47ef-9fd6-3f63f40c508a--audio-converted--82568283-5ad1-4e45-b881-937892cabb52.mp3?dest-id=626765
Processing state: not_requested
JSON: https://stenobird.com/v1/public/podcasts/application-security-weekly-audio-436682/episodes/top-10-web-hacking-techniques-of-2025-and-a-hint-for-2026-james-kettle-asw-380
Duration seconds: 2695

## Resource

Portswigger's list of web hacking techniques is a long-running celebration of curiosity and research from the web hacking community. James Kettle shares his thoughts on the entries from 2025 and how he expects LLMs and agents to influence what the list will look like for next year. He also shares some insights on using LLMs for his own blackbox research, giving us a peek into the work he'll be sharing at Black Hat USA this summer. Resources https://portswigger.net/research/top-10-web-hacking-techniques-of-2025 https://blackhat.com/us-26/briefings/schedule/index.html#can-ai-do-novel-security-research-meet-the-http-terminator-51894 Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-380

## Actions

- request_transcript: `POST https://stenobird.com/v1/public/podcasts/application-security-weekly-audio-436682/episodes/top-10-web-hacking-techniques-of-2025-and-a-hint-for-2026-james-kettle-asw-380/transcription-requests` — Idempotently request low-priority transcript generation for this episode.
- read_markdown: `GET https://stenobird.com/podcast/application-security-weekly-audio-436682/top-10-web-hacking-techniques-of-2025-and-a-hint-for-2026-james-kettle-asw-380.md` — Read the agent-friendly Markdown representation of this episode resource.

A page view does not enqueue transcription. Agents should invoke `request_transcript` explicitly when they need this episode processed.

## Transcript

Full transcripts are not published on public pages unless there is a clear rights basis.