Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Projects in Awesome Lists tagged with burp-extensions

A curated list of projects in awesome lists tagged with burp-extensions .

https://github.com/mr-xn/burpsuite-collections

有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file

burp-extensions burp-requests burpsuite burpsuite-extender burpsuite-java burpsuite-tools burpsuite-xkeys hackbar hacktool j2eescan jar pentest-tool pentesting python-burp sendto shiro-burp sqlmap waf

Last synced: 03 Dec 2024

https://github.com/Mr-xn/BurpSuite-collections

有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file

burp-extensions burp-requests burpsuite burpsuite-extender burpsuite-java burpsuite-tools burpsuite-xkeys hackbar hacktool j2eescan jar pentest-tool pentesting python-burp sendto shiro-burp sqlmap waf

Last synced: 25 Oct 2024

https://github.com/aress31/burpgpt

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.

ai burp-extensions burp-plugin burpsuite burpsuite-extender cybersecurity gpt gpt-3 openai openai-api pentesting security security-automation webapp

Last synced: 19 Dec 2024

https://github.com/api-security/apikit

APIKit:Discovery, Scan and Audit APIs Toolkit All In One.

api-sec api-security apisec burp-extensions

Last synced: 21 Dec 2024

https://github.com/API-Security/APIKit

APIKit:Discovery, Scan and Audit APIs Toolkit All In One.

api-sec api-security apisec burp-extensions

Last synced: 17 Nov 2024

https://github.com/wagiro/burpbounty

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

bug-bounty bugbounty burp-extensions burpsuite vulnerability-detection vulnerability-scanner

Last synced: 03 Nov 2024

https://github.com/wagiro/BurpBounty

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

bug-bounty bugbounty burp-extensions burpsuite vulnerability-detection vulnerability-scanner

Last synced: 01 Nov 2024

https://github.com/bit4woo/knife

A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅

burp burp-extensions burp-plugin burpsuite burpsuite-extender cookie hackbar header-edit http-edit knife menu u2c unicode-to-chinese update-cookie

Last synced: 19 Dec 2024

https://github.com/doyensec/inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

api-documentation-tool bugbounty bugbounty-tool burp-extensions burpsuite graphql graphql-security penetration-testing security-audit security-scanner security-tools

Last synced: 18 Dec 2024

https://github.com/f0ng/captcha-killer-modified

captcha-killer的修改版,支持关键词识别base64编码的图片,添加免费ocr库,用于验证码爆破,适配新版Burpsuite

burp burp-extensions burp-plugin

Last synced: 19 Dec 2024

https://github.com/whwlsfb/burpcrypto

BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件

burp-extensions burp-plugin burpcrypto burpsuite burpsuite-extender ctf ctf-tools execute-js-encryption fuzz-testing payloads

Last synced: 15 Dec 2024

https://github.com/whwlsfb/BurpCrypto

BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件

burp-extensions burp-plugin burpcrypto burpsuite burpsuite-extender ctf ctf-tools execute-js-encryption fuzz-testing payloads

Last synced: 18 Nov 2024

https://github.com/bit4woo/fiora

Fiora:漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行,也可作为burp插件使用。

burp-extensions fiora nuclei nuclei-gui poc

Last synced: 15 Dec 2024

https://github.com/bit4woo/Fiora

Fiora:漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行,也可作为burp插件使用。

burp-extensions fiora nuclei nuclei-gui poc

Last synced: 21 Nov 2024

https://github.com/c0ny1/captcha-killer

burp验证码识别接口调用插件

burp-extensions burp-plugin burpsuite-extender captcha

Last synced: 20 Dec 2024

https://github.com/hisxo/reconaizer

A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more!

bugbounty burp-extensions burpsuite gpt-4 openai openai-api openai-chatgpt

Last synced: 20 Dec 2024

https://github.com/hisxo/ReconAIzer

A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more!

bugbounty burp-extensions burpsuite gpt-4 openai openai-api openai-chatgpt

Last synced: 05 Nov 2024

https://github.com/f0ng/log4j2burpscanner

CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks

burp-extensions burp-plugin log4j2 log4jshell

Last synced: 20 Dec 2024

https://github.com/bit4woo/reCAPTCHA

reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件

burp-extensions burp-plugin burpsuite captcha intruder recaptcha recognize-captcha recognizes-images

Last synced: 09 Nov 2024

https://github.com/bit4woo/recaptcha

reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件

burp-extensions burp-plugin burpsuite captcha intruder recaptcha recognize-captcha recognizes-images

Last synced: 18 Dec 2024

https://github.com/c0ny1/sqlmap4burp-plus-plus

sqlmap4burp++是一款兼容Windows,mac,linux多个系统平台的Burp与sqlmap联动插件

burp-extensions burpsuite-extender sqlmap

Last synced: 21 Dec 2024

https://github.com/bit4woo/domain_hunter

A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件

burp-extensions burp-plugin burpsuite-extender certificate certification domain-discovery domain-hunter domains https-certificate organization-domain related-domain similar-domain sitemap spider subdomain subject-alternative-name subject-name subjectaltname

Last synced: 20 Dec 2024

https://github.com/vaycore/OneScan

OneScan是递归目录扫描的BurpSuite插件

burp burp-extensions burp-plugin dir-fuzz dir-scanner dirscan fuzz fuzz-testing

Last synced: 10 Sep 2024

https://github.com/synacktiv/HopLa

HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite

burp burp-extensions burp-plugin burp-suite burp-ui

Last synced: 18 Nov 2024

https://github.com/bishopfox/gadgetprobe

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

burp-extensions java java-deserialization javassist pentest-tools pentesting security-tools

Last synced: 15 Dec 2024

https://github.com/BishopFox/GadgetProbe

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

burp-extensions java java-deserialization javassist pentest-tools pentesting security-tools

Last synced: 03 Nov 2024

https://github.com/Acmesec/Sylas

新一代子域名主/被动收集工具 - Subdomain automatic/passive collection tool

burp-extensions burp-plugin burpsuite-extender burpsuite-tools scan scanner scanner-web subdomain-finder subdomain-scanner

Last synced: 21 Nov 2024

https://github.com/volkandindar/agartha

A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations, while also converting HTTP requests to JavaScript for enhanced XSS exploitation.

application-security appsec burp-extensions burpsuite cybersecurity hacking hacking-tool offensivesecurity offsec penetration-testing pentesting

Last synced: 18 Nov 2024

https://github.com/hisxo/jspector

A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues

burp-extensions burpsuite burpsuite-tools

Last synced: 16 Dec 2024

https://github.com/1ultimat3/BadIntent

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

android burp-extensions mobile-security pentesting

Last synced: 21 Nov 2024

https://github.com/prakharathreya/Struts2-RCE

A Burp Extender for checking for struts 2 RCE vulnerabilities.

burp-extensions struts2 struts2-rce

Last synced: 21 Nov 2024

https://github.com/c0ny1/HTTPHeadModifer

一款快速修改HTTP数据包头的Burp Suite插件

burp-extensions httphelper

Last synced: 25 Oct 2024

https://github.com/c0ny1/httpheadmodifer

一款快速修改HTTP数据包头的Burp Suite插件

burp-extensions httphelper

Last synced: 20 Nov 2024

https://github.com/vsec7/BurpSuite-Xkeys

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

burp-extensions burpsuite hacking osint pentest-tool pentesting

Last synced: 09 Nov 2024

https://github.com/d3mondev/burp-vps-proxy

This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.

bugbounty burp-extensions burpsuite pentesting proxy socks5

Last synced: 18 Dec 2024

https://github.com/bit4woo/u2c

Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】

burp-extensions burp-plugin burpsuite-extender chinese unicode

Last synced: 18 Nov 2024

https://github.com/P3GLEG/PwnBack

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

burp burp-extensions burpsuite information-retrieval osint security-tools

Last synced: 09 Nov 2024

https://github.com/p3gleg/pwnback

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

burp burp-extensions burpsuite information-retrieval osint security-tools

Last synced: 19 Dec 2024

https://github.com/f0ng/autodecoder-usages

autoDecoder的用法及案例,包含加解密方法、绕waf、替换参数等操作。

burp-extensions burpsuite-tools

Last synced: 20 Dec 2024

https://github.com/usdAG/cstc

CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef

burp-extensions burp-plugin burpsuite cyberchef encoding extender java transformation

Last synced: 09 Nov 2024

https://github.com/f0ng/autoDecoder-usages

autoDecoder的用法及案例,包含加解密方法、绕waf、替换参数等操作。

burp-extensions burpsuite-tools

Last synced: 21 Nov 2024

https://github.com/aress31/openapi-parser

Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

burp-extensions burp-plugin burpsuite json openapi openapi-client openapi-specification openapi2 openapi3 parser pentesting restful-api swagger yaml

Last synced: 17 Dec 2024

https://github.com/saoshao/DetSql

Burp插件,快速探测可能存在SQL注入的请求并标记,提高测试效率

burp-extensions burp-plugin burpsuite-extender

Last synced: 07 Dec 2024

https://github.com/simioni87/auth_analyzer

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

application-security auth authorization burp-extensions burp-plugin burpsuite pentest-tool portswigger

Last synced: 18 Nov 2024

https://github.com/artssec/burp-exporter

Exporter is a Burp Suite extension to copy a request to a file or the clipboard as multiple programming languages functions.

bappstore burp-extensions burpsuite exporter python security-tools

Last synced: 16 Nov 2024

https://github.com/yandex/burp-molly-scanner

Turn your Burp suite into headless active web application vulnerability scanner

automated-testing burp-extensions security vulnerability-scanners

Last synced: 07 Nov 2024

https://github.com/moeinfatehi/Backup-Finder

A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)

application-security appsecurity backupfinder burp burp-extensions burpsuite burpsuite-extender data-leakage owasp owasp-top-10 owasp-top-ten penetration-testing pentesting portswigger sensitive-data-exposure

Last synced: 18 Nov 2024

https://github.com/kapytein/jsonp

jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.

burp burp-extensions infosec pentesting

Last synced: 09 Nov 2024

https://github.com/xer0times/SQLi-Query-Tampering

SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.

bug-bounty bugbounty bughunting burp-extensions burp-plugin burpsuite burpsuite-pro evasion payload-generator pentesting pentesting-tools sqli sqlinjection

Last synced: 10 Sep 2024

https://github.com/Anof-cyber/ParaForge

A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing

bug-bounty bugbounty burp-extensions burpsuite cybersecurity pentesting pentesting-tools python

Last synced: 18 Nov 2024

https://github.com/anof-cyber/paraforge

A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing

bug-bounty bugbounty burp-extensions burpsuite cybersecurity pentesting pentesting-tools python

Last synced: 06 Nov 2024

https://github.com/hvqzao/burp-wildcard

Burp extension intended to compact Burp extension tabs by hijacking them to own tab.

burp burp-extensions burp-plugin burpsuite

Last synced: 09 Nov 2024

https://github.com/sule01u/AutorizePro

🧿 AutorizePro是一款越权检测 Burp 插件,通过增加AI分析模块 && 进一步优化检测逻辑,大幅降低误报率,提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding AI analysis modules, it significantly reduces the false positive rate and improves the efficiency of vulnerability detection.

ai authorization bounty-hunters bounty-hunting-tools broken-access-control bugbounty burp-extensions burpsuite llm pentest-tool pentesting sdlc-tools security-tools unauthorized unauthorized-access-tool vulnerability-detection

Last synced: 12 Dec 2024

https://github.com/silentsignal/burp-piper

Piper Burp Suite Extender plugin

burp-extensions burp-plugin burpsuite-extender

Last synced: 09 Nov 2024

https://github.com/Anof-cyber/Pentest-Mapper

A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabilities

appsec bugbounty burp burp-extensions burp-plugin burpsuite burpsuite-extender burpsuite-tools infosec pentesting

Last synced: 18 Nov 2024

https://github.com/anof-cyber/pentest-mapper

A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabilities

appsec bugbounty burp burp-extensions burp-plugin burpsuite burpsuite-extender burpsuite-tools infosec pentesting

Last synced: 06 Nov 2024

https://github.com/BitTheByte/BitBlinder

BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities

burp-extensions burp-plugin burpsuite burpsuite-extender jython python

Last synced: 03 Nov 2024

https://github.com/d3k4z/burp-copy-as-ffuf

Burp Extension that copies a request and builds a FFUF skeleton

burp burp-extensions burpsuite ffuf jython

Last synced: 21 Nov 2024

https://github.com/keramas/mssqli-duet

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

active-directory application-security burp-extensions burp-plugin mssql penetration-testing sql-injection user-enumeration windows

Last synced: 12 Oct 2024

https://github.com/Keramas/mssqli-duet

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

active-directory application-security burp-extensions burp-plugin mssql penetration-testing sql-injection user-enumeration windows

Last synced: 03 Nov 2024

https://github.com/tkmru/lazyCSRF

A more useful CSRF PoC generator on Burp Suite

arsenal blackhat burp-extensions burp-plugin burpsuite csrf

Last synced: 21 Nov 2024

https://github.com/Static-Flow/RepeaterSearch

This extension adds a search bar to the Repeater tab that can be used to highlight all repeater tabs where the request and/or response matches a query via simple text matching or Regex.

appsec burp-extensions burpsuite burpsuite-tools

Last synced: 21 Nov 2024

https://github.com/gnothiseautonlw/burp-shell-fwd-lfi

A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration

burp-extensions burp-plugin burpsuite burpsuite-extender penetration-testing penetration-testing-tools pentesting security security-tools

Last synced: 21 Nov 2024

https://github.com/thomashartm/burp-aem-scanner

Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.

adobe-experience-manager aem burp burp-extensions burp-plugin dispatcher java security-audit security-automation

Last synced: 27 Oct 2024

https://github.com/typeerror/bookmarks

Reclaim control of your Burp Suite Repeater tabs with this powerful extension

appsec bugbounty burp-extensions burpsuite burpsuite-extender burpsuite-pro

Last synced: 08 Nov 2024

https://github.com/augustd/burp-suite-error-message-checks

Burp Suite extension to passively scan for applications revealing server error messages

burp burp-extensions burp-plugin burpsuite java penetration-testing pentest scanning

Last synced: 09 Nov 2024

https://github.com/yeswehack/YesWeBurp

YesWeHack Api Extension for Burp

bugbounty burp-extensions hacking pentest tools

Last synced: 09 Nov 2024

https://github.com/TypeError/Bookmarks

Reclaim control of your Burp Suite Repeater tabs with this powerful extension

appsec bugbounty burp-extensions burpsuite burpsuite-extender burpsuite-pro

Last synced: 24 Oct 2024

https://github.com/righettod/virtualhost-payload-generator

BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolution.

burp-extensions pentesting web

Last synced: 09 Nov 2024

https://github.com/righettod/log-requests-to-sqlite

BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.

audit-trail burp-extensions pentesting web

Last synced: 28 Oct 2024

https://github.com/aress31/flarequench

Burp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.

burp-extensions burp-plugin burpsuite cloudflare cloudflare-bypass crimeflare

Last synced: 28 Oct 2024

https://github.com/bit4woo/ReSign

A burp extender that recalculate signature value automatically after you modified request parameter value.

burp-extensions extender md5 resign secretkey sha1 sign signature-algorithms

Last synced: 09 Nov 2024

https://github.com/bit4woo/resign

A burp extender that recalculate signature value automatically after you modified request parameter value.

burp-extensions extender md5 resign secretkey sha1 sign signature-algorithms

Last synced: 18 Nov 2024

https://github.com/jiangsir404/Xss-Sql-Fuzz

burpsuite 插件对GP所有参数(过滤特殊参数)一键自动添加xss sql payload 进行fuzz

burp burp-extensions burpsuite python

Last synced: 24 Oct 2024

https://github.com/ztgrace/mole

Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.

appsec burp-extensions infosec oob penetration-testing python security-tools xss xxe

Last synced: 21 Nov 2024

https://github.com/chopicalqui/TurboDataMiner

The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of information from the Burp Suite project as well as the flexible and dynamic on-the-fly modification of outgoing or incoming HTTP requests using Python scripts. Thus, Turbo Data Miner shall aid in gaining a better and faster understanding of the data collected by Burp Suite.

burp burp-api burp-extensions burp-plugin burpsuite burpsuite-extender data-mining intelligence intelligence-gathering

Last synced: 09 Nov 2024

https://github.com/bayotop/sink-logger

Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.

burp burp-extensions domxss javascript jython

Last synced: 09 Nov 2024

https://github.com/twelvesec/BearerAuthToken

This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP requests.Furthermore, this solution provides a better approach to solve the problem of Burp suite automated scanning failures when Authorization tokens exist.

authorization burp burp-extensions burpsuite burpsuite-extender

Last synced: 09 Nov 2024

https://github.com/bit4woo/burp-api-common

common methods that used by my burp extension projects

burp burp-api burp-extensions burp-plugin methods

Last synced: 18 Nov 2024

https://github.com/ntestoc3/burp-clj

clojure实现burp插件,提供clj脚本加载环境

burp-extensions clojure

Last synced: 21 Nov 2024

https://github.com/ricardojba/poi-slinger

Automatically identify serialization issues in PHP Frameworks by means of an Burp Suite active scan

burp burp-extensions burp-plugin burpsuite burpsuite-extender burpsuite-pro burpsuitepro

Last synced: 09 Nov 2024

https://github.com/mgeeky/burpcontextawarefuzzer

BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JSON; XML; GWT; binary) and following encoding-scheme applied originally.

burp-extensions burpsuite fuzzer penetration-testing

Last synced: 23 Oct 2024

https://github.com/mgeeky/burpContextAwareFuzzer

BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JSON; XML; GWT; binary) and following encoding-scheme applied originally.

burp-extensions burpsuite fuzzer penetration-testing

Last synced: 09 Nov 2024