Top 79 burpsuite open source projects

The main SamuraiWTF collaborative distro repo.

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

Automate security tests using Burp Suite.

Burp extension to detect alias traversal via NGINX misconfiguration at scale.

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support

Identify technologies used on websites.

Wordlist for content(directory) bruteforce discovering with Burp or dirsearch

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

A plugin that allows you execute python and get return to BurpSuite.

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Security checks pack for Burp Suite

Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.

No description or website provided.

Adds a customizable "Send to..."-context-menu to your BurpSuite.

基于BurpSuite的一款FOFA Pro 插件

burpsuite extension for check unauthorized vulnerability

Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef

An extensible application for penetration testers and software developers to decode/encode data into various formats.

Burp Bounty profiles compilation, feel free to contribute!

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

Burp Pro as a Docker Container

Burp Suite extension to passively scan for applications revealing server error messages

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

burpsuite extension for check and extract sensitive request parameter

Burp extension to passively scan for applications revealing software version numbers

burpsuite extension for extract information from data

HackBar plugin for Burpsuite

InQL - A Burp Extension for GraphQL Security Testing

A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅

Powerful plugins and add-ons for hackers

reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件

Automated HTTP Request Repeating With Burp Suite

A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

Burp Suite extension to discover apikeys/accesstokens and sensitive data from HTTP response.

🔰渗透测试资源库🔰黑客工具🔰维基解密文件🔰木马免杀🔰信息安全🔰技能树🔰数据库泄露🔰

Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests

HaE - BurpSuite Highlighter and Extractor

Burpsuite-Plugins-Usage

myscan 被动扫描

intercepting kali router

BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).

这是基于Burp Suite官方文档翻译而来的中文版文档

Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"

百宝箱

Complete Listing and Usage of Tools used for Ethical Hacking

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

A Burp plugin that collects Burp request parameters, directories, paths and file names into the database for sorting

|| Activate Burp Suite Pro with Loader and Key-Generator ||

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

This Burp extension helps you to find usages of postMessage and recvMessage

CaA - BurpSuite Collector and Analyzer

OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.